Hackers exploit CVE-2026-3300 in Everest Forms Pro to inject PHP via form fields, creating rogue admin accounts. 29,300 attempts blocked. Researcher h0xilo submitted a flaw in Everest Forms Pro for WordPress, tracked as CVE-2026-3300, to Wordfence’s bug bounty program and earned $325 for it....

#Sicherheitslücke

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

Everest Forms Pro WordPress Flaw is Handing Attackers Admin Access

VERWANDTEARTIKEL

Critical Check Point VPN Flaw Exploited to Bypass Passwords in IKEv1 Setups

CVE-2026-43973 - gun HTTP/1.1 response buffer has no size limit allowing server-controlled memory exhaustion

CVE-2026-43974 - gun HTTP/1.1 client accepts unsolicited 101 Switching Protocols response allowing server-driven protocol hijack and OOM

Check Point warnt vor aktiv ausgenutzter VPN-Schwachstelle

USN-8402-1: systemd vulnerabilities

CVE-2026-7186 - Fix stored XSS in URL dashboard widget via dangerous URI schemes