CVSS: 6.1EPSS: %CPEs: 1EXPL: 0CVE-2025-3421 – Everest Forms <= 3.1.1 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2025-3421
10 Apr 2025 — The Everest Forms – Contact Form, Quiz, Survey, Newsletter & Payment Form Builder for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'form_id' parameter in all versions up to, and including, 3.1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. El complemento T... • https://plugins.trac.wordpress.org/changeset/3268742 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: %CPEs: 1EXPL: 0CVE-2025-3422 – Everest Forms <= 3.1.1 - Authenticated (Subscriber+) Arbitrary Shortcode Execution
https://notcve.org/view.php?id=CVE-2025-3422
10 Apr 2025 — The The Everest Forms – Contact Form, Quiz, Survey, Newsletter & Payment Form Builder for WordPress plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.1.1. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for authenticated attackers, with Subscriber-level access and above, to execute arbitrary shortcodes. El complemento The Everest Forms – Contac... • https://plugins.trac.wordpress.org/changeset/3268742 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: %CPEs: 1EXPL: 0CVE-2025-3439 – Everest Forms – Contact Form, Quiz, Survey, Newsletter & Payment Form Builder for WordPress <= 3.1.1 - Unauthenticated PHP Object Injection
https://notcve.org/view.php?id=CVE-2025-3439
10 Apr 2025 — The Everest Forms – Contact Form, Quiz, Survey, Newsletter & Payment Form Builder for WordPress plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.1.1 via deserialization of untrusted input from the 'field_value' parameter. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is ins... • https://plugins.trac.wordpress.org/browser/everest-forms/trunk/includes/admin/views/html-admin-page-entries-view.php#L147 • CWE-502: Deserialization of Untrusted Data •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1128 – Everest Forms <= 3.0.9.4 - Unauthenticated Arbitrary File Upload, Read, and Deletion
https://notcve.org/view.php?id=CVE-2025-1128
17 Feb 2025 — The Everest Forms – Contact Forms, Quiz, Survey, Newsletter & Payment Form Builder for WordPress plugin for WordPress is vulnerable to arbitrary file upload, read, and deletion due to missing file type and path validation in the 'format' method of the EVF_Form_Fields_Upload class in all versions up to, and including, 3.0.9.4. This makes it possible for unauthenticated attackers to upload, read, and delete arbitrary files on the affected site's server which may make remote code execution, sensitive informati... • https://github.com/wpeverest/everest-forms/commit/7d37858d2c614aa107b0f495fe50819a3867e7f5 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 1CVE-2021-24689 – Contact Forms - Drag & Drop Contact Form Builder <= 1.0.5 - Admin+ Arbitrary System File Read
https://notcve.org/view.php?id=CVE-2021-24689
27 Sep 2021 — The Contact Forms - Drag & Drop Contact Form Builder WordPress plugin through 1.0.5 allows high privilege users to download arbitrary files from the web server via a path traversal attack El plugin Contact Forms - Drag & Drop Contact Form Builder de WordPress versiones hasta 1.0.5, permite a usuarios con altos privilegios descargar archivos arbitrarios del servidor web por medio de un ataque de salto de ruta. • https://wpscan.com/vulnerability/31824250-e0d4-4285-97fa-9880b363e075 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •