Critical Everest Forms Pro flaw exploited to take over WordPress sites

Hackers are actively exploiting a critical vulnerability (CVE-2026-3300) in the Everest Forms Pro plugin to execute arbitrary code and seize administrative control of WordPress websites. Users should update to the patched version immediately and scan their systems for suspicious accounts like ‘diksimarina’.