A critical vulnerability (CVE-2026-3300) in the Everest Forms Pro plugin for WordPress is being actively exploited by hackers to take control of websites, allowing them to create unauthorized administrator accounts. The flaw affects versions 1.9.12 and earlier and can be exploited without authentication, leading to significant security risks for affected sites.
The key actionable point is the urgent need to patch CVE-2026-3300 by updating any Everest Forms Pro installation running version 1.9.12 or earlier, since the flaw lets an unauthenticated attacker take control of the WordPress site. Security teams should also block the identified IP addresses (202.56.2[.]126 and 209.146.60[.]26) and monitor for suspicious administrator-account activity, in particular any account whose username contains 'diksimarina'.
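The monitoring steps above can be turned into a small triage script. The following is an added example, not code from the advisory or from the plugin vendor: it scans web-server access-log lines in Common Log Format for the two IP addresses named above, and reviews a list of WordPress users for administrator accounts whose login contains the reported username fragment or that were registered after a chosen cutoff. The user records mirror the shape of `wp user list --format=json` output (the field names `user_login`, `user_registered` and a comma-separated `roles` string are an assumption about that format); the log lines and user records embedded here are constructed samples. IP blocking only narrows exposure to the addresses seen so far; the update is the actual fix.

```python
import re
from datetime import datetime

# Indicators taken from the advisory summary above (not invented here).
IOC_IPS = {"202.56.2.126", "209.146.60.26"}
SUSPICIOUS_LOGIN_FRAGMENT = "diksimarina"

# Common Log Format: ip ident user [timestamp] "request" status bytes
CLF_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" (?P<status>\d{3})'
)


def find_ioc_hits(log_lines):
    """Return (ip, request, status) for every access-log line from an IoC address."""
    hits = []
    for line in log_lines:
        m = CLF_RE.match(line)
        if m and m.group("ip") in IOC_IPS:
            hits.append((m.group("ip"), m.group("req"), int(m.group("status"))))
    return hits


def find_suspicious_admins(users, registered_after):
    """Flag administrator accounts whose login contains the reported username
    fragment, or that were registered after `registered_after` ("YYYY-MM-DD").
    `users` is a list of dicts in the assumed wp-cli JSON shape."""
    cutoff = datetime.strptime(registered_after, "%Y-%m-%d")
    flagged = []
    for u in users:
        # roles is assumed to be a comma-separated string, e.g. "administrator"
        if "administrator" not in u.get("roles", "").split(","):
            continue
        reasons = []
        if SUSPICIOUS_LOGIN_FRAGMENT in u["user_login"].lower():
            reasons.append("login matches reported indicator")
        registered = datetime.strptime(u["user_registered"], "%Y-%m-%d %H:%M:%S")
        if registered > cutoff:
            reasons.append("registered after cutoff")
        if reasons:
            flagged.append((u["user_login"], reasons))
    return flagged


# Constructed sample access-log lines (not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Mar/2026:08:00:01 +0000] "GET /index.php HTTP/1.1" 200 5120',
    '202.56.2.126 - - [10/Mar/2026:08:00:09 +0000] "POST /wp-login.php HTTP/1.1" 200 312',
    '198.51.100.4 - - [10/Mar/2026:08:00:40 +0000] "GET / HTTP/1.1" 200 7010',
    '209.146.60.26 - - [10/Mar/2026:08:01:33 +0000] "GET /wp-login.php HTTP/1.1" 200 2048',
]

# Constructed sample user list in the assumed `wp user list --format=json` shape.
SAMPLE_USERS = [
    {"user_login": "siteowner", "user_registered": "2023-05-01 09:00:00", "roles": "administrator"},
    {"user_login": "editor1", "user_registered": "2026-03-10 08:05:00", "roles": "editor"},
    {"user_login": "diksimarina2", "user_registered": "2026-03-10 08:02:10", "roles": "administrator"},
]

if __name__ == "__main__":
    for ip, req, status in find_ioc_hits(SAMPLE_LOG):
        print(f"IoC hit: {ip} {req} -> {status}")
    for login, reasons in find_suspicious_admins(SAMPLE_USERS, "2026-03-01"):
        print(f"Suspicious admin '{login}': {', '.join(reasons)}")
```

The registration cutoff should be set to a date shortly before the first sign of compromise on the site; any administrator account created after it that the site owner cannot account for should be treated as attacker-created, regardless of its name.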