What is CVE-2022-47420?

It's an SQL injection flaw in Online ADA Accessibility Suite for WordPress, letting attackers run arbitrary database queries via tainted inputs. Affects versions through 4.12.

How do I fix CVE-2022-47420 in my WordPress site?

Update to v4.13+, deactivate if unsure, and run a security scan. Check plugin changelogs for details.

Are Online ADA plugins safe after CVE-2022-47420?

Newer versions patch it, but audit your setup — no plugin's bulletproof without vigilance.

🕳️ Vulnerabilities & CVEs

SQL Injection Hits Online ADA Accessibility Suite, Endangering WordPress Databases

A single malicious input into an accessibility widget — and poof, your site's database spills open. CVE-2022-47420 strikes at the heart of Online ADA's plugin, a tool millions use for compliance.

theAIcatchup Apr 08, 2026 4 min read

Alert graphic showing SQL injection vulnerability CVE-2022-47420 in Online ADA Accessibility Suite plugin

⚡ Key Takeaways

CVE-2022-47420 enables SQL injection in Online ADA Accessibility Suite up to v4.12, risking full database exposure. 𝕏
WordPress sites must update immediately; average patch lag leaves millions vulnerable. 𝕏
Irony alert: accessibility compliance tools breed their own security risks — time to demand better from vendors. 𝕏

Published by

theAIcatchup

Threat intelligence. Zero noise.

#ADA Compliance Security #CVE-2022-47420 #Online ADA #SQL injection #WordPress Plugin Vulnerability #WordPress Vulnerability

Worth sharing?

Get the best Cybersecurity stories of the week in your inbox — no noise, no spam.

Originally reported by NVD Vulnerabilities

⚡ Key Takeaways

The 60-Second TL;DR

theAIcatchup

Share this article

Worth sharing?

Related Stories

CVE-2022-46808: The SQL Injection Lurking in ARMember's Membership Plugin

Slimstat's SQL Injection Nightmare: CVE-2022-45373 Cracks Open Analytics Doors

Spiffy Calendar SQL Injection Lets Hackers Hijack WordPress Databases

CVE-2022-47428: The SQL Injection Lurking in Your WordPress Booking Calendar

Stay in the loop