Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

Published: 13/02/2025 Updated: 19/02/2025

Stored XSS Vulnerability in Everest Forms WordPress Plugin Before 3.0.8.1

The Everest Forms WordPress plugin versions prior to 3.0.8.1 contain a Cross Site Scripting (XSS) vulnerability. Administrators and high-privilege users could potentially execute stored XSS attacks through unsanitized plugin settings. This vulnerability remains possible even in multisite environments where the unfiltered_html capability is typically restricted, enabling malicious script injection through the plugin's configuration options.

Vulnerable Product	Search on Vulmon	Subscribe to Product
unknown everest forms

https://nvd.nist.gov https://www.first.org/epss https://wpscan.com/vulnerability/f60a8358-1765-4cae-9c89-0d75c5e394ec/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2024-13125

Vulnerability Summary

References

Vulmon Search

About

Products

Connect