Skip to main content

Everest Forms

14 CVEs product

Monthly

CVE-2026-12270 MEDIUM POC PATCH This Month

Unauthenticated remote attackers can completely bypass access controls on Everest Forms REST API endpoints in all plugin versions before 3.5.0, enabling them to read onboarding status data, modify plugin settings, and send emails from the WordPress site to arbitrary addresses. The flaw arises because the capability check is conditioned on an attacker-controllable HTTP request header - omitting or altering that header disables the authorization gate entirely. A publicly available proof-of-concept exploit exists, and SSVC assessment confirms the attack is automatable; however, this vulnerability is not in CISA KEV, and EPSS sits at 0.14%, suggesting limited observed exploitation despite the low barrier to entry.

WordPress Authentication Bypass Everest Forms
NVD WPScan
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-11571 HIGH POC PATCH This Week

Information disclosure in the Everest Forms WordPress plugin before 3.5.0 allows unauthenticated remote attackers to download other users' form submissions. The plugin generates temporary CSV files during email-notification processing but fails to reliably delete them, leaving them publicly accessible in the wp-content uploads directory under predictable, enumerable filenames. Publicly available exploit code exists and the flaw is automatable per CISA SSVC, though EPSS remains low at 0.14%; not listed in CISA KEV.

WordPress Information Disclosure Everest Forms
NVD WPScan
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-5927 HIGH This Week

The Everest Forms (Pro) WordPress plugin versions up to 1.9.4 contain an arbitrary file deletion vulnerability in the delete_entry_files() function due to insufficient path validation (CWE-36). Unauthenticated attackers can delete arbitrary files on the server by tricking an administrator into deleting a form entry, potentially leading to remote code execution through deletion of critical files like wp-config.php. This is a high-severity vulnerability (CVSS 7.5) that requires social engineering or admin interaction but can completely compromise WordPress installations.

RCE PHP WordPress Everest Forms
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2024-8542 MEDIUM POC Monitor

The Everest Forms WordPress plugin before 3.0.3.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Everest Forms
NVD WPScan
CVSS 3.1
4.8
EPSS
0.1%
CVE-2025-26841 MEDIUM This Month

Cross Site Scripting vulnerability in WPEVEREST Everest Forms before 3.0.9 allows an attacker to execute arbitrary code via a file upload. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE XSS File Upload Everest Forms
NVD GitHub
CVSS 3.1
6.1
EPSS
0.2%
CVE-2025-3439 CRITICAL PATCH Act Now

The Everest Forms - Contact Form, Quiz, Survey, Newsletter & Payment Form Builder for WordPress plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.1.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Information Disclosure WordPress PHP Deserialization Everest Forms
NVD
CVSS 3.1
9.8
EPSS
4.5%
CVE-2025-3422 MEDIUM PATCH This Month

The The Everest Forms - Contact Form, Quiz, Survey, Newsletter & Payment Form Builder for WordPress plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE WordPress Code Injection Everest Forms PHP
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2025-1128 CRITICAL PATCH Act Now

The Everest Forms - Contact Forms, Quiz, Survey, Newsletter & Payment Form Builder for WordPress plugin for WordPress is vulnerable to arbitrary file upload, read, and deletion due to missing file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Unrestricted File Upload vulnerability could allow attackers to upload malicious files that can be executed on the server.

WordPress Information Disclosure RCE File Upload Everest Forms +1
NVD GitHub
CVSS 3.1
9.8
EPSS
7.4%
CVE-2024-13125 LOW POC Monitor

The Everest Forms WordPress plugin before 3.0.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Everest Forms
NVD WPScan
CVSS 3.1
3.5
EPSS
0.1%
CVE-2024-10471 MEDIUM POC This Month

The Everest Forms WordPress plugin before 3.0.4.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Everest Forms
NVD WPScan
CVSS 3.1
4.8
EPSS
0.4%
CVE-2024-1812 HIGH PATCH This Week

The Everest Forms plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.0.7 via the 'font_url' parameter. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

SSRF WordPress Everest Forms
NVD VulDB
CVSS 3.1
7.2
EPSS
0.6%
CVE-2023-51695 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPEverest Everest Forms - Build Contact Forms, Surveys, Polls, Application Forms, and more with. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Everest Forms
NVD
CVSS 3.1
5.9
EPSS
0.1%
CVE-2021-24907 MEDIUM POC This Month

The Contact Form, Drag and Drop Form Builder for WordPress plugin before 1.8.0 does not escape the status parameter before outputting it back in an attribute, leading to a Reflected Cross-Site. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Everest Forms
NVD WPScan
CVSS 3.1
6.1
EPSS
0.9%
CVE-2019-13575 CRITICAL PATCH Act Now

A SQL injection vulnerability exists in WPEverest Everest Forms plugin for WordPress through 1.4.9. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

SQLi WordPress PHP Everest Forms
NVD GitHub
CVSS 3.1
9.8
EPSS
2.6%
EPSS 0% CVSS 6.5
MEDIUM POC PATCH This Month

Unauthenticated remote attackers can completely bypass access controls on Everest Forms REST API endpoints in all plugin versions before 3.5.0, enabling them to read onboarding status data, modify plugin settings, and send emails from the WordPress site to arbitrary addresses. The flaw arises because the capability check is conditioned on an attacker-controllable HTTP request header - omitting or altering that header disables the authorization gate entirely. A publicly available proof-of-concept exploit exists, and SSVC assessment confirms the attack is automatable; however, this vulnerability is not in CISA KEV, and EPSS sits at 0.14%, suggesting limited observed exploitation despite the low barrier to entry.

WordPress Authentication Bypass Everest Forms
NVD WPScan
EPSS 0% CVSS 7.5
HIGH POC PATCH This Week

Information disclosure in the Everest Forms WordPress plugin before 3.5.0 allows unauthenticated remote attackers to download other users' form submissions. The plugin generates temporary CSV files during email-notification processing but fails to reliably delete them, leaving them publicly accessible in the wp-content uploads directory under predictable, enumerable filenames. Publicly available exploit code exists and the flaw is automatable per CISA SSVC, though EPSS remains low at 0.14%; not listed in CISA KEV.

WordPress Information Disclosure Everest Forms
NVD WPScan
EPSS 1% CVSS 7.5
HIGH This Week

The Everest Forms (Pro) WordPress plugin versions up to 1.9.4 contain an arbitrary file deletion vulnerability in the delete_entry_files() function due to insufficient path validation (CWE-36). Unauthenticated attackers can delete arbitrary files on the server by tricking an administrator into deleting a form entry, potentially leading to remote code execution through deletion of critical files like wp-config.php. This is a high-severity vulnerability (CVSS 7.5) that requires social engineering or admin interaction but can completely compromise WordPress installations.

RCE PHP WordPress +1
NVD
EPSS 0% CVSS 4.8
MEDIUM POC Monitor

The Everest Forms WordPress plugin before 3.0.3.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Everest Forms
NVD WPScan
EPSS 0% CVSS 6.1
MEDIUM This Month

Cross Site Scripting vulnerability in WPEVEREST Everest Forms before 3.0.9 allows an attacker to execute arbitrary code via a file upload. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE XSS File Upload +1
NVD GitHub
EPSS 4% CVSS 9.8
CRITICAL PATCH Act Now

The Everest Forms - Contact Form, Quiz, Survey, Newsletter & Payment Form Builder for WordPress plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.1.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Information Disclosure WordPress PHP +2
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

The The Everest Forms - Contact Form, Quiz, Survey, Newsletter & Payment Form Builder for WordPress plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE WordPress Code Injection +2
NVD
EPSS 7% CVSS 9.8
CRITICAL PATCH Act Now

The Everest Forms - Contact Forms, Quiz, Survey, Newsletter & Payment Form Builder for WordPress plugin for WordPress is vulnerable to arbitrary file upload, read, and deletion due to missing file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Unrestricted File Upload vulnerability could allow attackers to upload malicious files that can be executed on the server.

WordPress Information Disclosure RCE +3
NVD GitHub
EPSS 0% CVSS 3.5
LOW POC Monitor

The Everest Forms WordPress plugin before 3.0.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Everest Forms
NVD WPScan
EPSS 0% CVSS 4.8
MEDIUM POC This Month

The Everest Forms WordPress plugin before 3.0.4.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Everest Forms
NVD WPScan
EPSS 1% CVSS 7.2
HIGH PATCH This Week

The Everest Forms plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.0.7 via the 'font_url' parameter. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

SSRF WordPress Everest Forms
NVD VulDB
EPSS 0% CVSS 5.9
MEDIUM This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPEverest Everest Forms - Build Contact Forms, Surveys, Polls, Application Forms, and more with. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Everest Forms
NVD
EPSS 1% CVSS 6.1
MEDIUM POC This Month

The Contact Form, Drag and Drop Form Builder for WordPress plugin before 1.8.0 does not escape the status parameter before outputting it back in an attribute, leading to a Reflected Cross-Site. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Everest Forms
NVD WPScan
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

A SQL injection vulnerability exists in WPEverest Everest Forms plugin for WordPress through 1.4.9. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

SQLi WordPress PHP +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy