Critical WordPress Plugin Vulnerability Exposes 70,000+ Sites to RCE Attacks

Threat Score:

Cybersecurity News

1 day ago

Part of cluster #1933

Overview

A critical security vulnerability has been discovered in the popular “Database for Form 7, WPforms, Elementor forms” WordPress plugin, potentially exposing over 70,000 websites to remote code execution attacks. The vulnerability, tracked as CVE-2025-7384 with a maximum CVSS score of 9.8, affects all versions up to and including 1.4.3 and was publicly disclosed on […]...

Continue Reading on Original Site

5 articles

New Crypto24 Ransomware Attacks Bypass EDR

Dark Reading • 10 hours ago

While several cybercrime groups have embraced "EDR killers," researchers say the deep knowledge and technical skills demonstrated by Crypto24 signify a dangerous escalation.

Score

Stop Reacting; Start Anticipating: The Global State of Threat Intelligence

Brighttalk • 14 hours ago

Presented by Jitin Shabadu, Forrester Analyst | Jayce Nichols, Director, Intelligence Solutions, Google Threat Intelligence Group

Score

How your solar rooftop became a national security issue

TechCrunch • 8 hours ago

Texas solar company EG4 became the poster child for energy cybersecurity risks this week after federal officials published an advisory detailing how hackers could hijack its inverters.

Score

Ransomware Actors Blending Legitimate Tools with Custom Malware to Evade Detection

Cybersecurity News • 8 hours ago

The cybersecurity landscape faces a new sophisticated threat as the Crypto24 ransomware group demonstrates an alarming evolution in attack methodology, seamlessly blending legitimate administrative tools with custom-developed malware to execute precision strikes against high-value targets. This emerging ransomware operation has successfully compromised organizations across Asia, Europe, and the United States, with a particular focus on […]

Score

Colt Telecommunications Struggles in Wake of Cyber Incident

Dark Reading • 11 hours ago

The UK telco said it temporarily took some systems offline as a "protective" measure in its investigation.

Score

CVES

CVE-2025-7384

ATTACK TYPES

Remote Code Execution

VULNERABILITIES

Improper Input Validation

RCE

Remote Code Execution

PLATFORMS

WordPress

MITRE ATT&CK

T1068

T1070

T1190

T1203

T1204

COMPANIES

Database for Form 7

WordPress

INDUSTRIES

Cybersecurity

Web Development

ARTICLE INFORMATION

Article #11405

Published 1 day ago

Cybersecurity News

THREAT HUNTING

THREAT INTELLIGENCE

BUSINESS INTELLIGENCE

Save to Folder

Article Intelligence

THREAT HUNTING

THREAT INTELLIGENCE

BUSINESS INTELLIGENCE

Overview

Related Articles

New Crypto24 Ransomware Attacks Bypass EDR

Stop Reacting; Start Anticipating: The Global State of Threat Intelligence

How your solar rooftop became a national security issue

Ransomware Actors Blending Legitimate Tools with Custom Malware to Evade Detection

Colt Telecommunications Struggles in Wake of Cyber Incident

Save to Folder

Article Intelligence

We use cookies

Cookie Settings

Essential Cookies

Analytics Cookies

Performance Cookies

Marketing Cookies