1 story in the last 7 days
The latest CVE news, distilled by AI into sharp ~100-word summaries. ByteBrief tracks CVE coverage across dozens of tech sources and brings you only what matters, updated hourly. Tap any story for the full brief, or open the original source.
Hackers are actively exploiting CVE-2026-3300 in Everest Forms Pro versions 1.9.12 and earlier to take over WordPress sites without authentication. The vulnerability resides in the Complex Calculation feature, which passes user input through sanitize_text_field but fails to escape single quotes, allowing PHP code injection via eval. Attackers inject code that calls wp_insert_user to create rogue admin accounts such as 'diksimarina'.
Summaries by ByteBrief