Wpeverest · Everest Forms · CVE-2025-26841
**Name of the Vulnerable Software and Affected Versions**
WPEVEREST Everest Forms versions prior to 3.0.9
**Description**
The issue allows an attacker to execute arbitrary code via a file upload, exploiting a Cross Site Scripting vulnerability.
**Recommendations**
For versions prior to 3.0.9, update to version 3.0.9 or later to resolve the issue.