Hackers are actively exploiting a critical vulnerability (CVE-2026-3300) in the Everest Forms Pro plugin, which lets them take complete control of a WordPress website. [...]
Critical Everest Forms Pro flaw exploited to take over WordPress sites
Summary + source link. No paywalls, no tracking.