Defiant says a critical flaw in the Everest Forms Pro WordPress plugin, tracked as CVE-2026-3300, has been exploited in the wild for months to execute arbitrary PHP code and take over vulnerable sites. Attackers have used the issue to create administrator accounts and deploy web shells, with most attempts tied to the username "diksimarina" and thousands of exploit attempts blocked. #EverestFormsPro #CVE-2026-3300 #diksimarina
Key points
- Everest Forms Pro is installed on more than 100,000 WordPress websites.
- CVE-2026-3300 has a CVSS score of 9.8.
- The flaw lets unauthenticated attackers inject PHP through the Complex Calculation feature.
- Exploitation can lead to administrative account creation and web shell deployment.
- Users should update to version 1.9.13 or newer and check for unauthorized accounts named diksimarina.
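As an added example (not code from Defiant, the plugin vendor, or the SecurityWeek article), the two checks in the last key point in Python: compare the installed plugin version against 1.9.13, and audit the site's user list for the known attacker login and for administrator accounts created after a baseline date. The CSV layout is assumed to match `wp user list --fields=user_login,roles,user_registered --format=csv`, and the baseline date is an assumption standing in for the last legitimate admin creation on the site.

```python
"""Post-update checks for CVE-2026-3300 (added example, not vendor code).

Assumed inputs: the installed plugin version string, and user rows in the
shape of `wp user list --fields=user_login,roles,user_registered --format=csv`.
"""
import csv
import io
from datetime import datetime

FIXED_VERSION = (1, 9, 13)       # first fixed release cited in the advisory
KNOWN_BAD_LOGIN = "diksimarina"  # username tied to most observed attempts


def parse_version(version: str) -> tuple:
    """'1.9.12' -> (1, 9, 12); non-numeric suffixes are ignored."""
    parts = []
    for piece in version.strip().split("."):
        digits = "".join(ch for ch in piece if ch.isdigit())
        parts.append(int(digits) if digits else 0)
    return tuple((parts + [0, 0, 0])[:3])


def is_vulnerable(version: str) -> bool:
    """True when Everest Forms Pro is older than 1.9.13."""
    return parse_version(version) < FIXED_VERSION


def suspicious_accounts(users_csv: str, baseline: str) -> list:
    """Flag the known attacker login and any administrator registered after
    `baseline` (YYYY-MM-DD; assumed to be the last legitimate admin creation).
    Returns (user_login, reason) pairs."""
    cutoff = datetime.strptime(baseline, "%Y-%m-%d")
    hits = []
    for row in csv.DictReader(io.StringIO(users_csv)):
        roles = [r.strip() for r in row["roles"].split(",")]
        registered = datetime.strptime(row["user_registered"], "%Y-%m-%d %H:%M:%S")
        if row["user_login"].strip().lower() == KNOWN_BAD_LOGIN:
            hits.append((row["user_login"], "known attacker username"))
        elif "administrator" in roles and registered > cutoff:
            hits.append((row["user_login"], "administrator created after baseline"))
    return hits


# Constructed sample export for demonstration; not real site data.
SAMPLE_USERS = """user_login,roles,user_registered
editor_jane,editor,2024-03-01 10:00:00
siteadmin,administrator,2023-06-15 09:30:00
diksimarina,administrator,2026-02-20 03:14:07
backup_admin,administrator,2026-02-22 11:45:00
"""
```

A hit on the baseline rule is a prompt to verify the account with whoever administers the site, not proof of compromise on its own.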
Read More: https://www.securityweek.com/everest-forms-vulnerability-exploited-to-hack-wordpress-sites/