📦 Everest Forms

The Everest Forms WordPress plugin is vulnerable to PHP object injection via deserialization of untrusted input in the 'field_value' parameter. This allows unauthenticated attackers to inject PHP obje...

This vulnerability in the Everest Forms WordPress plugin allows unauthenticated attackers to upload, read, and delete arbitrary files on affected servers. It affects all versions up to 3.0.9.4 due to ...

The Everest Forms WordPress plugin has a Server-Side Request Forgery (SSRF) vulnerability that allows unauthenticated attackers to make arbitrary web requests from the vulnerable server. This can be u...

The Everest Forms WordPress plugin before version 3.0.3.1 contains a stored cross-site scripting (XSS) vulnerability in its settings. This allows authenticated administrators to inject malicious scrip...

A Cross-Site Scripting (XSS) vulnerability in Everest Forms WordPress plugin before version 3.0.9 allows attackers to execute arbitrary JavaScript code via file upload functionality. This affects Word...

This vulnerability allows authenticated WordPress users with Subscriber-level access or higher to execute arbitrary shortcodes through the Everest Forms plugin. Attackers can leverage this to perform ...