Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sites

Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sites

/in

Threat actors are actively exploiting a critical security flaw in Everest Forms Pro, a WordPress plugin with about 4,000 active installations, to execute arbitrary code, leading to a complete site compromise.

The vulnerability in question is CVE-2026-3300 (CVSS score: 9.8), a remote code execution bug impacting all versions of the plugin up to, and including, 1.9.12. A patch for the flaw was

The Hacker News – ​Read More