Arbitrary File Upload Vulnerability in Everest Forms Plugin for WordPress
CVE-2025-1128
9.8CRITICAL
Key Information:
- Vendor
- WPeverest
- Status
- Everest Forms – Contact Forms, Quiz, Survey, Newsletter & Payment Form Builder For WordPress
- Vendor
- CVE Published:
- 25 February 2025
Summary
The Everest Forms plugin for WordPress suffers from a security flaw due to inadequate file type and path validation in the 'format' method of the EVF_Form_Fields_Upload class. This vulnerability affects all versions up through 3.0.9.4, allowing unauthenticated attackers to exploit it to upload, read, and delete arbitrary files on the server. This could lead to significant security risks, including remote code execution and unauthorized access to sensitive information, potentially enabling an attacker to take over the affected site.
Affected Version(s)
Everest Forms – Contact Forms, Quiz, Survey, Newsletter & Payment Form Builder for WordPress * <= 3.0.9.4
References
CVSS V3.1
Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Arkadiusz Hydzik