Website Owners Urged to Act Now as Hackers Target Everest Forms Plugin Vulnerability
Security

Website Owners Urged to Act Now as Hackers Target Everest Forms Plugin Vulnerability

A critical vulnerability in Everest Forms Pro affects 4,000 WordPress sites, with 29,300 exploit attempts blocked since April 13, 2026. Unpatched sites risk total compromise.

Editorial
Editorial Staff
1 hour ago 1 min read
NeboAI I summarize the news with data, figures and context
IN 30 SECONDS

35 sec read time You saved ~1 min
IN 1 SENTENCE

SENTIMENT
Neutral

𒀭
NeboAI is working, please wait...
Preparing detailed analysis
Quick summary completed
Extracting data, figures and quotes...
Identifying key players and context
DETAILED ANALYSIS
SHARE
Was this helpful?

NeboAI produces automated editions of journalistic texts in the form of summaries and analyses. Its experimental results are based on artificial intelligence. As an AI edition, texts may occasionally contain errors, omissions, incorrect data relationships and other unforeseen inaccuracies. We recommend verifying the content.

© NeboAI 2025 About Nebo

The exploitation of a serious security flaw, identified as CVE-2026-3300, in the Everest Forms Pro WordPress plugin has been reported, with over 29,300 attempts thwarted. The vulnerability, which carries a CVSS score of 9.8, affects all versions up to 1.9.12 and allows unauthorized attackers to execute arbitrary code, potentially compromising entire websites.

Wordfence noted that a patch was released on March 18, 2026, addressing the issue in version 1.9.13. Attackers began exploiting the flaw on April 13, 2026, with the most common tactic involving the creation of rogue administrator accounts.

Recent statistics revealed that 16 of these attacks occurred within the last 24 hours, with attempts originating from various IP addresses. The vulnerability allows for significant server breaches, including the installation of web shells and the establishment of persistent access points.

Tags: everest forms pro wordpress plugin vulnerability remote code execution cybersecurity united states
Want to read the full article? Access the original article with all the details.
Read Original Article
TL;DR

This article is an original summary for informational purposes. Image credits and full coverage at the original source. · View Content Policy

Editorial
Editorial Staff

Our editorial team works around the clock to bring you the latest tech news, trends, and insights from the industry. We cover everything from artificial intelligence breakthroughs to startup funding rounds, gadget launches, and cybersecurity threats. Our mission is to keep you informed with accurate, timely, and relevant technology coverage.

8933 articles →

Related Articles

Meta's AI app leak raises privacy concerns as unreleased facial recognition code emerges

Russia's Move to Label Anti-Kremlin Hackers as ‘Extremist’ Raises Global Concerns

Thousands of PCs compromised as Minecraft mods hide dangerous webcam-hacking malware

Cybersecurity Alert: Hackers Exploit Weaknesses in Vulnerability Programs Now

European firms face escalating threats as Chinese hackers deploy Atlas RAT malware

Hackers exploit Instagram's AI chatbot vulnerability, compromising user accounts

Instagram intensifies user security measures following rise in AI chatbot hacking threats

Pittsburgh Nuclear Firm's Security Breach Highlights Vulnerabilities in U.S. Infrastructure

AI-driven worm technology poses new cybersecurity threats, researchers warn
Press Enter to search or ESC to close