Threat actors are actively exploiting a critical security flaw
in Everest Forms Pro, a WordPress plugin with about 4,000 active
installations, to execute arbitrary code, leading to a complete
site compromise. The vulnerability in question is CVE-2026-3300
(CVSS score: 9.8), a remote code execution bug impacting all
versions of the plugin up to, and including, 1.9.12. A patch for
the flaw was
Read more https://thehackernews.com/2026/06/hackers-exploit-critical-everest-forms.html
