Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
Everest Forms Plugin Exposes Over 100,000 WordPress Sites to Complete Takeover
Malware and Vulnerabilities
February 25, 2025
SecurityOnline
The consequences of this vulnerability are dire. Attackers can upload malicious PHP code to the WordPress uploads folder, which is publicly accessible, enabling them to execute arbitrary code on the server.
Read More
CVE-2025-1128
Everest Forms
Wordpress Sites
Arbitrary File Upload
Remote Code Execution (RCE)
Publisher
Previous
Remote Code Execution Flaw Found in MITRE Caldera, PoC ...
Malware and Vulnerabilities
Next
Critical Mattermost Flaws Expose Systems to File Read a ...
Malware and Vulnerabilities
/https://cyware-ent.s3.amazonaws.com/image_bank/b606_shutterstock_1236426880.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/20a7_shutterstock_1703102707.jpg)
