TECH NEWS

Everest Forms Vulnerability Exploited to Hack WordPress Sites

A critical-severity vulnerability in the Everest Forms Pro WordPress plugin has been exploited in the wild for months for site takeover, Defiant warns.

Present on more than 100,000 WordPress websites, Everest Forms is designed for creating contact forms, order forms, payment forms, and surveys.

Tracked as CVE-2026-3300 (CVSS score of 9.8), the security defect allows unauthenticated, remote attackers to inject PHP code into form fields using the Complex Calculation feature.

Although user input is sanitized, a vulnerable function in the plugin does not escape single quotes and other characters, and adds the provided values to a PHP code string.

A remote, unauthenticated attacker can supply a value containing a single quote followed by malicious PHP code and a comment character, which results in the injection of PHP code that is executed on the server.

“This makes it possible for unauthenticated attackers to inject and execute arbitrary PHP code on the...

Copyright of this story solely belongs to securityweek.com. To see the full text click HERE

https://cdn.mos.cms.futurecdn.net/UR8qQPMXYsvUX9jbMeQkLe-624-80.jpg

X-VPN proves its privacy credentials with new independent no-logs audit

* An independent audit confirms X-VPN doesn't collect or store identifiable user data * The audit examined technical controls, server security, and data governance * Third-party audits prove that a VPN's no-logs policy is actually enforced in practice Virtual private networks exist to protect your digital footprint, but a

https://cdn.mos.cms.futurecdn.net/sqGgDPxHyGtqunPo56h9cL-2560-80.jpg

Age verification for social media is the right idea built the wrong way

This February, Spain announced plans for a comprehensive social media ban for children under 16. It was no longer acceptable, Spanish Prime Minister Pedro Sánchez told an audience at the World Governments Summit in Dubai, to leave children unattended in the “digital Wild West,” which he described as rife with

not set

© 2009-2025 Independent News Service. All rights reserved. * Site Map * Legal disclaimer * Privacy Policy * CSR Policy * RIO * RSS Copyright of this story solely belongs to indiatvnews.com. To see the full text click HERE

https://cdn1.expresscomputer.in/wp-content/uploads/2025/11/24153320/EC_03_Data_Analytics_Technology_750.jpg

Why static market research models are evolving into decision intelligence systems

By Vishal Ranjan, Founder & CEO of Claight The market research industry built its business on annual reports and stable forecasts. A series of global shocks has made that model untenable, and the firms that survive the next decade will look nothing like those that dominated the last one. There

Read more

X-VPN proves its privacy credentials with new independent no-logs audit

Age verification for social media is the right idea built the wrong way

not set

Why static market research models are evolving into decision intelligence systems