Hackers Are Taking Over Websites Through a Flaw in a Popular WordPress Tool
Cybersecurity researchers are warning website owners about an ongoing hacking campaign targeting a popular WordPress plugin called Everest Forms Pro. The software is commonly used to create online forms such as contact forms, registration forms, surveys, and payment forms.
According to security experts, hackers are actively exploiting a serious flaw in the plugin that allows them to gain control of vulnerable websites. Once a site is compromised, attackers can create their own administrator accounts, giving them the same level of access as the website owner.
With administrator access, hackers can make major changes to a website. They may steal information, redirect visitors to malicious pages, install malware, or use the website for other criminal activities. In some cases, they can completely take over the site.
The vulnerability affects older versions of Everest Forms Pro. The company behind the plugin released a security update in March 2026, but many websites have not yet installed the fix. Security researchers say attackers began exploiting the flaw shortly after the update became available and have attempted thousands of attacks since then.
Researchers have observed attackers creating unauthorized administrator accounts on compromised websites. Website owners are being urged to review their user accounts and look for any unfamiliar administrators that may have been added without permission.
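One way to carry out the account review described above, as an added example that is not from the researchers or the plugin vendor: the script reads the CSV that WP-CLI prints for `wp user list --role=administrator --fields=ID,user_login,user_email,user_registered --format=csv` and reports every administrator that is not on a list of accounts you recognize. The sample rows, the account names and the cutoff day are constructed assumptions; the article gives only "March 2026" for the fix.

```python
import csv
import io
import sys
from datetime import datetime

# Assumption: the article only says the fix shipped in March 2026, so the
# cutoff is the first day of that month. Adjust it to your own timeline.
CUTOFF = datetime(2026, 3, 1)

def audit_admins(csv_text, known_admins, cutoff=CUTOFF):
    """Return (login, email, registered, priority) for each administrator
    that is not on the allowlist. Priority is "high" when the account was
    created on or after the cutoff, otherwise "review"."""
    known = {name.strip().lower() for name in known_admins}
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        login = row["user_login"].strip()
        if login.lower() in known:
            continue
        # WordPress stores user_registered as "YYYY-MM-DD HH:MM:SS" (UTC).
        try:
            registered = datetime.strptime(
                row["user_registered"].strip(), "%Y-%m-%d %H:%M:%S")
            priority = "high" if registered >= cutoff else "review"
        except ValueError:
            # A zeroed or malformed timestamp cannot be placed on the
            # timeline, so it is escalated rather than skipped.
            registered, priority = None, "high"
        findings.append((login, row["user_email"], registered, priority))
    # High-priority accounts first, then alphabetical by login.
    findings.sort(key=lambda f: (f[3] != "high", f[0]))
    return findings

# Constructed sample data, not taken from any real site.
SAMPLE_CSV = """\
ID,user_login,user_email,user_registered
1,siteowner,owner@example.com,2023-06-11 09:14:02
7,editor-jane,jane@example.com,2025-11-02 16:40:51
23,wp_support_x,support@example.net,2026-03-19 03:22:10
24,legacyadmin,old@example.com,2021-01-05 08:00:00
"""
SAMPLE_KNOWN = ["siteowner", "editor-jane"]  # hypothetical allowlist

if __name__ == "__main__":
    # Pipe the WP-CLI output in and pass known logins as arguments;
    # with no piped input the constructed sample is used instead.
    text = SAMPLE_CSV if sys.stdin.isatty() else sys.stdin.read()
    known = sys.argv[1:] or SAMPLE_KNOWN
    for login, email, registered, priority in audit_admins(text, known):
        print(f"[{priority}] {login} <{email}> registered {registered}")
```

An account flagged "review" predates the cutoff but is still unrecognized, so it deserves the same confirmation with the site owner before it is left in place.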
For most internet users, there is nothing they need to do. However, businesses and individuals who manage WordPress websites should make sure their plugins are fully updated. Keeping software current is one of the simplest and most effective ways to reduce the risk of a cyberattack.
The incident is another reminder that even widely used website tools can become targets for hackers. Organizations that delay installing security updates may leave their websites exposed long after a fix has been released.






