MSN on MSN

Hackers are exploiting a maximum-severity bug in a WordPress form plugin on thousands of sites, running their own code with no login required

Thousands of WordPress sites running the Kali Forms plugin are exposed to attackers who can execute arbitrary code on web ...

Critical Everest Forms Pro flaw exploited to take over WordPress sites

Hackers are actively exploiting a critical vulnerability (CVE-2026-3300) in the Everest Forms Pro plugin, which lets them ...
Houston Chronicle

How to Embed Zoho Forms in WordPress

If you're looking to gather customer data from your business website, from a satisfaction survey to product suggestions to general feedback, a form is invaluable. Although programming web forms used ...
Bleeping Computer

WordPress plugin ‘Gravity Forms’ vulnerable to PHP object injection

The premium WordPress plugin 'Gravity Forms,' currently used by over 930,000 websites, is vulnerable to unauthenticated PHP Object Injection. Gravity Forms is a custom form builder website owners use ...
Searchenginejournal.com

WordPress Contact Form Entries Plugin Vulnerability Affects 70K Websites

A vulnerability advisory was issued for a WordPress plugin that saves contact form submissions. The flaw enables unauthenticated attackers to delete files, launch a denial of service attack, or ...
TechRadar

WordPress users beware - this popular plugin has been hijacked to push potential malware

The RocketGenius website served a malicious variant of the Gravity Forms WordPress add-on for a few hours The variant harvested extensive information and allowed for RCE The malware affected only ...
Searchenginejournal.com

Vulnerabilities In Two WordPress Contact Form Plugins Affect +1.1 Million

The affected contact form plugins are Ninja Forms, (with over 800,000 installations) and Contact Form Plugin by Fluent Forms (+300,000 installations). The vulnerabilities are not related to each other ...