SecuritySecurityWeekabout 6 hours ago

Everest Forms Vulnerability Exploited to Hack WordPress Sites

1 min read

CVE-2026-3300 allows unauthenticated attackers to inject and execute PHP code via Everest Forms Pro's Complex Calculation feature. The flaw affects over 100,000 sites, with 29,000 exploit attempts blocked by Defiant. Attackers create admin accounts named 'diksimarina' or ' [email protected] '. The vulnerability was patched in Everest Forms Pro version 1.9.13 released March. Exploitation began April 13.

Level

Hype check

Tap to vote and see what everyone thinks.

#everest forms #cve-2026-3300 #wordpress

Read full story

More to chew on!

Securityabout 10 hours ago

SolarWinds Serv-U Vulnerability Exploited in the Wild

Securityabout 4 hours ago

Check Point VPN Flaw Lets Attackers Bypass Passwords