Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in Everest Forms – Contact Forms, Quiz, Survey, Newsletter & Payment Form Builder for WordPress 3.0.9.4

  • Severity: critical
  • Status: Fixed
  • Publication: February 17, 2025

A popular WordPress plugin called “Everest Forms” has a security issue that allows unauthorized users to upload, view, and delete any file on the website’s server. This could lead to serious consequences such as hackers gaining control of the website or accessing sensitive information. The issue affects all versions of the plugin up to 3.0.9.4.

Detected in:

Contact Form by Everest Forms – Simple Contact Form to Advanced Contact Form, Quiz, Survey, & Custom Contact Form Builder for WordPress fixed vulnerable versions:
Everest Forms – Contact Form, Payment Form, Quiz, Survey & Custom Form Builder fixed vulnerable versions:
Everest Forms – Contact Form, Quiz, Survey, Newsletter & Payment Form Builder for WordPress fixed vulnerable versions:
Everest Forms – Contact Forms, Quiz, Survey, Newsletter & Payment Form Builder for WordPress fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.