On March 2nd, 2026, we received a submission through our Bug Bounty Program for a Remote Code Execution vulnerability in Kali Forms, a WordPress plugin with more than 10,000 active installations. This vulnerability makes it possible for an unauthenticated attacker to execute code on the server. The vendor released the patched version on March 20th, 2026, and we originally disclosed this vulnerability in the Wordfence Intelligence vulnerability database on the same day. Our records indicate that attackers started exploiting the issue the same day, on March 20th, 2026. The Wordfence Firewall has already blocked over 312,200 exploit attempts targeting this vulnerability.
The post Attackers Actively Exploiting Critical Vulnerability in Kali Forms Plugin appeared first on Wordfence.
Read the original article: