Everest Forms Pro plugin actively exploited RCE (CVE-2026-3300)

Vulnerability
First reported
Last updated
Happening score: 44
1 unique source, 1 article

Summary

Everest Forms Pro has an actively exploited critical remote code execution vulnerability, CVE-2026-3300, that lets unauthenticated attackers run PHP and take over WordPress sites. The flaw affects releases through 1.9.12, and WPEverest fixed it in 1.9.13. Wordfence says abuse began on April 13, 2026, and its firewall has already blocked more than 29,300 exploit attempts.

Related Happenings

WordPress plugin exploitation wave (GutenKit and Hunk Companion)

Exploitation Wave
First: 24.10.2025 22:28 Last: 24.10.2025 22:28 Sources 1

About this happening: **WordPress** sites are facing a broad **exploitation wave** against **GutenKit** and **Hunk Companion** plugin flaws, with **Wordfence** blocking **8.7 million attack attempts**...

Timeline

  1. 04.06.2026 19:15 1 article · 1h ago

    Everest Forms Pro attackers begin exploiting CVE-2026-3300

    Exploitation Observed

    Wordfence telemetry shows unauthenticated attackers began exploiting CVE-2026-3300 against Everest Forms Pro WordPress sites on April 13, 2026, using the plugin's Complex Calculation feature to reach PHP eval() and potentially create rogue administrator accounts or plant webshells.

  2. 04.06.2026 19:15 1 article · 1h ago

    Wordfence blocks 17,900 Everest Forms Pro exploit attempts in a May 16 surge

    Detection / IoC Update

    Wordfence said its firewall blocked more than 29,300 exploit attempts against Everest Forms Pro, and a surge on May 16, 2026 accounted for over 17,900 blocked attempts in a single day.

  3. 04.06.2026 19:15 2 articles · 1h ago

    Wordfence discloses active exploitation of Everest Forms Pro CVE-2026-3300

    Initial Disclosure

    Wordfence disclosed that Everest Forms Pro for WordPress has a critical remote code execution flaw tracked as CVE-2026-3300, rated 9.8 on the CVSS scale and affecting releases through 1.9.12; WPEverest fixed the bug in 1.9.13, and administrators were urged to update affected sites without delay.
