Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in Everest Forms – Contact Forms, Quiz, Survey, Newsletter & Payment Form Builder for WordPress 3.0.8

  • Severity: medium-risk
  • Status: Fixed
  • Publication: January 17, 2025

A popular plugin for WordPress called ‘Everest Forms’ has a security issue that could put your website at risk. This vulnerability, known as Stored Cross-Site Scripting, allows attackers with high-level permissions to add harmful web scripts to certain pages on your site. This can potentially harm users who visit those pages. To protect yourself, make sure to update to version 3.0.9 or above.

Detected in:

Contact Form by Everest Forms – Simple Contact Form to Advanced Contact Form, Quiz, Survey, & Custom Contact Form Builder for WordPress fixed vulnerable versions:
Everest Forms – Contact Form, Payment Form, Quiz, Survey & Custom Form Builder fixed vulnerable versions:
Everest Forms – Contact Form, Quiz, Survey, Newsletter & Payment Form Builder for WordPress fixed vulnerable versions:
Everest Forms – Contact Forms, Quiz, Survey, Newsletter & Payment Form Builder for WordPress fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.