Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sites

2026-06-05

1 min read

by info@thehackernews.com (The Hacker News)

Read Original

Get the latest tech trends every morning

Receive daily AI-curated summaries of engineering articles from top tech companies worldwide.

Endigest AI Core Summary

Critical remote code execution vulnerability in Everest Forms Pro WordPress plugin enables unauthenticated attackers to compromise websites, while Stripe-based skimmer campaigns abuse trusted payment service infrastructure for command-and-control and data exfiltration.

•CVE-2026-3300 (CVSS 9.8) in Everest Forms Pro affecting versions up to 1.9.12, patched in version 1.9.13 on March 18, 2026, with approximately 4,000 active installations
•Vulnerability in Calculation Addon's process_filter() function concatenates unsanitized user input into PHP code executed via eval(), allowing unauthenticated RCE
•Active exploitation documented since April 13, 2026, with over 29,300 attack attempts recorded, targeting creation of administrator accounts named "diksimarina"
•Skimmer campaigns exploit Stripe and Google Tag Manager domains as trusted infrastructure for stealing payment card data via obfuscated malicious code injected into Magento and Adobe Commerce checkout pages

Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sites

Get the latest tech trends every morning

Endigest AI Core Summary

Related Articles

FIFA World Cup 2026 Scams Are Already Live: Fake Sites, Banking Malware, and Stolen Logins

PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network

Hardened Images Explained: Fewer CVEs, Smaller Attack Surface

Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public