Home

Description

Cross Site Scripting vulnerability in WPEVEREST Everest Forms before 3.0.9 allows an attacker to execute arbitrary code via a file upload.

PUBLISHED Reserved 2025-02-15 | Published 2025-05-12 | Updated 2025-05-12 | Assigner mitre

References

everestforms.net

gist.github.com/knilkantha/71458e9a787157653d5603fe6880bc05

cve.org (CVE-2025-26841)

nvd.nist.gov (CVE-2025-26841)

Download JSON