High 8.1
2026-04-20< 3.4.5
CVE-2026-5478
Everest Forms – Contact Form, Payment Form, Quiz, Survey & Custom Form Builder
Minimum safe version
3.4.5
Update to 3.4.5 or later to address 17 fixable vulnerabilities
Latest available3.4.7 ✓
N/A
2026-04-07< 3.4.4
Everest Forms <= 3.4.3 - Unauthenticated PHP Object Injection via Form Entry Metadata
Medium 5.3
2026-02-19< 3.4.2
CVE-2026-22422
Critical 9.8
2025-06-27< 3.2.3
CVE-2025-52709
Medium 6.1
2025-05-12< 3.0.9
CVE-2025-26841
Medium 6.1
2025-04-11< 3.1.2
Everest Forms <= 3.1.1 - Reflected Cross-Site Scripting
Medium 5.4
2025-04-11< 3.1.2
Everest Forms <= 3.1.1 - Authenticated (Subscriber+) Arbitrary Shortcode Execution
Critical 9.8
2025-04-11< 3.1.2
Everest Forms – Contact Form, Quiz, Survey, Newsletter & Payment Form Builder for WordPress <= 3.1.1 - Unauthenticated PHP Object Injection
Critical 9.8
2025-02-25< 3.0.9.5
Everest Forms <= 3.0.9.4 - Unauthenticated Arbitrary File Upload, Read, and Deletion
Low 3.5
2025-02-13< 3.0.8.1
CVE-2024-13125
Medium 4.8
2024-11-26< 3.0.4.2
CVE-2024-10471
Medium 4.8
2025-05-15< 3.0.3.1
Everest Forms <= 3.0.3 - Authenticated (Administrator+) Stored Cross-Site Scripting
High 7.2
2024-04-09< 2.0.8
CVE-2024-1812
Medium 5.3
2024-12-26< 2.0.3.1
WordPress Everest Forms Plugin <= 2.0.3 is vulnerable to Broken Access Control
Medium 5.9
2024-12-27< 2.0.5
WordPress Everest Forms Plugin <= 2.0.4.1 is vulnerable to Cross Site Scripting (XSS)
Critical 9.8
2019-07-19< 1.5.0
WordPress Everest Forms plugin <= 1.4.9 - SQL Injection (SQLi) vulnerability
Medium 6.1
2021-12-21< 1.8.0
CVE-2021-24907