Platform
wordpress
Component
kali-forms
Fixed in
2.5.4
CVE-2026-3584 is a critical Remote Code Execution (RCE) vulnerability discovered in the Kali Forms WordPress plugin. This flaw allows unauthenticated attackers to execute arbitrary code on the server. The vulnerability affects versions 0.0.0 through 2.4.9, and a patch is available in version 2.4.10.
The impact of CVE-2026-3584 is severe. Successful exploitation allows an attacker to execute arbitrary code on the WordPress server hosting the Kali Forms plugin. This could lead to complete server takeover, data exfiltration, defacement, or the installation of malware. Given the plugin's popularity and the ease of exploitation, this vulnerability poses a significant risk to WordPress sites using Kali Forms. The vulnerability stems from the insecure handling of user-supplied data within the 'form_process' function, specifically the 'prepare_post_data' function, which maps request keys directly into internal storage and then passes these values to 'call_user_func', enabling code execution.
CVE-2026-3584 was publicly disclosed on March 20, 2026. A public proof-of-concept is likely to emerge given the vulnerability's ease of exploitation and critical severity. The vulnerability is not currently listed on the CISA KEV catalog, but its high severity warrants close monitoring. Active exploitation campaigns are possible, particularly targeting vulnerable WordPress sites.
WordPress websites utilizing the Kali Forms plugin, particularly those running older versions (0.0.0–2.4.9), are at significant risk. Shared hosting environments are especially vulnerable as they often lack granular control over plugin updates and security configurations. Websites relying on Kali Forms for critical data collection or processing are also at heightened risk.
• wordpress / composer / npm:
grep -r 'call_user_func' /var/www/html/wp-content/plugins/kali-forms/
• wordpress / composer / npm:
wp plugin list --status=all | grep 'kali-forms'
• wordpress / composer / npm:
wp plugin update kali-forms
• generic web: Check the WordPress plugin directory for Kali Forms version 2.4.9 or earlier.
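The commands above list the plugin but leave the version comparison to the reader. The following script is an added example, not part of this advisory or of the Kali Forms project: it reads the "Version:" field from the plugin's main PHP file header and compares it against 2.4.10, the first fixed release named above, using a plain POSIX sh dotted-version comparison (so it does not depend on GNU sort -V). The plugin file path is an assumption; override it with the PLUGIN_FILE environment variable if the main file has a different name on your install.

```shell
#!/bin/sh
# Added example (not from the advisory or the Kali Forms project).
# Checks whether an installed Kali Forms plugin is older than the first
# fixed release named in the advisory (2.4.10).

FIXED_VERSION="2.4.10"
# Assumed location of the plugin's main file (the one carrying the header).
PLUGIN_FILE="${PLUGIN_FILE:-/var/www/html/wp-content/plugins/kali-forms/kali-forms.php}"

# Print the "Version:" header field of a WordPress plugin main file.
# Accepts both " * Version: x.y.z" (docblock) and "Version: x.y.z" lines.
plugin_version() {
    sed -n 's/^[[:space:]]*\*\{0,1\}[[:space:]]*Version:[[:space:]]*\([0-9][0-9.]*\).*/\1/p' "$1" | head -n 1
}

# version_lt A B: return 0 if dotted version A is older than B, else 1.
# Missing components count as 0, and non-numeric suffixes are ignored.
version_lt() {
    vl_a="$1"; vl_b="$2"
    while [ -n "$vl_a" ] || [ -n "$vl_b" ]; do
        vl_ai="${vl_a%%.*}"; vl_bi="${vl_b%%.*}"
        vl_ai="${vl_ai%%[!0-9]*}"; vl_bi="${vl_bi%%[!0-9]*}"
        [ -z "$vl_ai" ] && vl_ai=0
        [ -z "$vl_bi" ] && vl_bi=0
        [ "$vl_ai" -lt "$vl_bi" ] && return 0
        [ "$vl_ai" -gt "$vl_bi" ] && return 1
        case "$vl_a" in *.*) vl_a="${vl_a#*.}" ;; *) vl_a="" ;; esac
        case "$vl_b" in *.*) vl_b="${vl_b#*.}" ;; *) vl_b="" ;; esac
    done
    return 1
}

# kali_forms_status FILE: print "not-installed", "unknown",
# "vulnerable <ver>" or "patched <ver>" for the given plugin main file.
kali_forms_status() {
    if [ ! -f "$1" ]; then
        echo "not-installed"; return 0
    fi
    ks_v="$(plugin_version "$1")"
    if [ -z "$ks_v" ]; then
        echo "unknown"; return 0
    fi
    if version_lt "$ks_v" "$FIXED_VERSION"; then
        echo "vulnerable $ks_v"
    else
        echo "patched $ks_v"
    fi
}

# Constructed sample header (assumption) standing in for a real plugin file,
# so the script demonstrates its output even without WordPress present.
SAMPLE="$(mktemp)"
printf '<?php\n/**\n * Plugin Name: Kali Forms\n * Version: 2.4.9\n */\n' > "$SAMPLE"
kali_forms_status "$SAMPLE"      # prints: vulnerable 2.4.9
rm -f "$SAMPLE"

# Now the real install, if any.
kali_forms_status "$PLUGIN_FILE"
```

Run it on each web root you manage; a "vulnerable" result means the plugin is in the affected 0.0.0 to 2.4.9 range and should be updated with the wp plugin update command above, or disabled until that is possible.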
EPSS
0.29% (52nd percentile)
The primary mitigation for CVE-2026-3584 is to immediately upgrade the Kali Forms plugin to version 2.4.10 or later. If upgrading is not immediately feasible due to compatibility issues or breaking changes, consider temporarily disabling the Kali Forms plugin. As a secondary measure, implement strict input validation and sanitization on all user-supplied data within the plugin. Web Application Firewall (WAF) rules can be configured to block requests containing suspicious payloads targeting the 'form_process' endpoint. Monitor WordPress logs for unusual activity or attempts to exploit the vulnerability.
Update to version 2.4.10 or a newer patched version.
CVE-2026-3584 is a critical Remote Code Execution vulnerability affecting the Kali Forms WordPress plugin, versions 0.0.0–2.4.9. It allows attackers to execute arbitrary code on the server.
If you are using Kali Forms version 2.4.9 or earlier, you are affected by this vulnerability. Upgrade to version 2.4.10 or later immediately.
The fix is to upgrade the Kali Forms plugin to version 2.4.10 or later. If upgrading is not possible, temporarily disable the plugin.
While no active exploitation campaigns have been publicly confirmed, the vulnerability's severity and ease of exploitation make it a likely target.
Refer to the Kali Forms official website and WordPress plugin repository for the latest advisory and update information.