Critical Everest Forms Pro Vulnerability Actively Exploited to Compromise WordPress Sites
RedSide Security June 05, 2026 Vulnerability 58 views
Threat actors are actively exploiting a critical remote code execution vulnerability in the Everest Forms Pro WordPress plugin. The flaw allows unauthenticated attackers to execute arbitrary PHP code, create administrator accounts, deploy web shells, and fully compromise affected websites.