CVE-2025-26841

Description

Cross Site Scripting vulnerability in WPEVEREST Everest Forms before 3.0.9 allows an attacker to execute arbitrary code via a file upload.