> TritonInfoSec News
Home / Jun 06, 2026 / Story
0
#5 The Hacker News general June 05, 2026 at 08:38 UTC

Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sites

By [email protected] (The Hacker News)

AI Summary

CVE-2026-3300 (CVSS 9.8), a remote code execution vulnerability in the Everest Forms Pro WordPress plugin affecting all versions up to 1.9.12, is being actively exploited in the wild to achieve full site compromise. With approximately 4,000 active installations, admins should apply the available patch immediately.

Read full article → https://thehackernews.com/2026/06/hackers-exploit-…

Relevance score: 82.0/100

# More from June 06

  1. 1
    Cisco warns of unpatched SD-WAN zero-day exploited in attacks BleepingComputer
  2. 2
    Chrome 149 Patches 429 Vulnerabilities SecurityWeek
  3. 3
    Chinese APT deploys new malware to keep access to hacked networks BleepingComputer
  4. 4
    IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks The Hacker News
  5. 6
    Cisco warns of critical Unified CM flaw with PoC exploit code BleepingComputer
  6. 7
    Hackers Spied on a Stock Exchange Executive's Outlook Mailbox for Five Months The Hacker News
  7. 8
    CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers BleepingComputer
  8. 9
    Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories The Hacker News
  9. 10
    Five Eyes: Chinese Spies Target Government, Military Staff With Fake Job Opportunities SecurityWeek