{"uuid": "9230f5df-ffcd-4da7-b904-d45c51196ea0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1128", "type": "exploited", "source": "https://t.me/suboxone_chatroom/7456", "content": "CVE-2025-1128: RCE in Everest Forms WordPress Plugin, 9.8 rating \ud83d\udd25\n\nThe vulnerability allows an unauthenticated attacker to perform a wide range of actions with the site: upload arbitrary files, RCE, delete config files.\n\nSearch at Netlas.io:\n\ud83d\udc49 Link: https://nt.ls/q6pgJ\n\ud83d\udc49 Dork: http.body:\"plugins/everest-forms\"\n\nRead more: https://www.wordfence.com/blog/2025/02/100000-wordpress-sites-affected-by-arbitrary-file-upload-read-and-deletion-vulnerability-in-everest-forms-wordpress-plugin/", "creation_timestamp": "2025-04-01T12:37:44.000000Z"}