Known Vulnerabilities for Everest Forms by Wpeverest
Listed below are 5 of the newest known vulnerabilities associated with "Everest Forms" by "Wpeverest".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-57312 json | Unauthenticated Cross Site Scripting (XSS) in Everest Forms <= 3.4.8 versions. | Not Provided | 2026-06-26 | 2026-06-26 |
| CVE-2026-27070 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPEverest Everest Forms... | Not Provided | 2026-03-19 | 2026-04-28 |
| CVE-2026-12270 json | The Everest Forms WordPress plugin before 3.5.0 does not correctly restrict access to several REST API endpoints belonging t... | Not Provided | 2026-07-09 | 2026-07-09 |
| CVE-2026-11571 json | The Everest Forms WordPress plugin before 3.5.0 does not reliably delete temporary CSV files generated during email-notifica... | Not Provided | 2026-07-09 | 2026-07-09 |
| CVE-2026-5478 json | The Everest Forms plugin for WordPress is vulnerable to Arbitrary File Read and Deletion in all versions up to, and including... | Not Provided | 2026-04-20 | 2026-04-21 |
| CVE-2026-4888 json | The Everest Forms – Contact Form, Payment Form, Quiz, Survey & Custom Form Builder plugin for WordPress is vulnerable to un... | Not Provided | 2026-05-28 | 2026-05-28 |
| CVE-2025-3421 json | Not Provided | 2025-04-11 | 2026-04-08 | |
| CVE-2024-1812 json | Not Provided | 2024-04-09 | 2026-04-08 | |
| CVE-2023-51695 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPEverest Everest Forms... | Not Provided | 2024-02-01 | 2026-04-28 |
| CVE-2021-24907 json | The Contact Form, Drag and Drop Form Builder for WordPress plugin before 1.8.0 does not escape the status parameter before ou... | 6.1 - MEDIUM | 2021-12-21 | 2021-12-27 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Wpeverest | Everest Forms | 1.5.1 | |||
| Application | Wpeverest | Everest Forms | 1.5.0 | |||
| Application | Wpeverest | Everest Forms | 1.4.9 | |||
| Application | Wpeverest | Everest Forms | 1.4.8 | |||
| Application | Wpeverest | Everest Forms | 1.4.7 | |||
| Application | Wpeverest | Everest Forms | 1.4.6 | |||
| Application | Wpeverest | Everest Forms | 1.4.5 | |||
| Application | Wpeverest | Everest Forms | 1.4.4 | |||
| Application | Wpeverest | Everest Forms | 1.4.3 | |||
| Application | Wpeverest | Everest Forms | 1.4.2 | |||
| Application | Wpeverest | Everest Forms | 1.4.1 | |||
| Application | Wpeverest | Everest Forms | 1.4.0 | |||
| Application | Wpeverest | Everest Forms | 1.4.0 | |||
| Application | Wpeverest | Everest Forms | 1.4.0 | |||
| Application | Wpeverest | Everest Forms | 1.4.0 | |||
| Application | Wpeverest | Everest Forms | 1.4.0 | |||
| Application | Wpeverest | Everest Forms | 1.4.0 | |||
| Application | Wpeverest | Everest Forms | 1.4.0 | |||
| Application | Wpeverest | Everest Forms | 1.3.4 | |||
| Application | Wpeverest | Everest Forms | 1.3.3 |