Impact
The Everest Forms WordPress plugin before version 3.5.0 contains an access control issue that allows any requester, even without authentication, to reach its onboarding assistant REST API endpoints. The capability check is applied only when a request header holds a specific value, and that header can be omitted or changed, letting attackers bypass the check. This flaw permits attackers to read onboarding status information, alter the plugin’s options, and trigger outbound emails to arbitrary addresses, potentially exposing sensitive data and facilitating spam or social‑engineering attacks.
Affected Systems
Any WordPress site using Everest Forms earlier than version 3.5.0 is affected; no vendor information beyond the plugin name is listed.
Risk and Exploitability
With a CVSS score of 6.5 the vulnerability is considered moderately severe. The EPSS score is below 1 % and the issue is not listed in CISA KEV, indicating that exploitation activity is currently low or unobserved. Attackers can exploit the flaw remotely by sending unauthenticated HTTP requests to the exposed REST endpoints, requiring no special prerequisites beyond internet connectivity.
OpenCVE Enrichment