PHP Object Injection Vulnerability in Everest Forms Plugin for WordPress by WPEverest
CVE-2025-3439

9.8CRITICAL

Key Information:

Vendor
WordPress
Status
Everest Forms – Contact Form, Quiz, Survey, Newsletter & Payment Form Builder For WordPress
Vendor
CVE Published:
11 April 2025

Summary

The Everest Forms plugin for WordPress, up to version 3.1.1, contains a PHP Object Injection vulnerability due to improper handling of untrusted input from the 'field_value' parameter. This issue allows unauthenticated attackers to potentially inject a PHP object. While no known PHP Object Protocol (POP) chain exists in the vulnerable software, the exploitation risks amplify if a compatible POP chain is present through another plugin or theme. Under such circumstances, attackers could delete arbitrary files, access sensitive data, or execute malicious code, thereby posing significant security threats to WordPress sites using this plugin.

Affected Version(s)

Everest Forms – Contact Form, Quiz, Survey, Newsletter & Payment Form Builder for WordPress * <= 3.1.1

References

https://www.wordfence.com/threat-intel/vulnerabilities/id...
https://plugins.trac.wordpress.org/browser/everest-forms/...
https://plugins.trac.wordpress.org/changeset/3268742/

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

kuaile
.
CVE-2025-3439 : PHP Object Injection Vulnerability in Everest Forms Plugin for WordPress by WPEverest | SecurityVulnerability.io