Gravity Forms, a popular WordPress plugin, has been found vulnerable to
unauthenticated PHP Object Injection attacks.
unauthenticated PHP Object Injection attacks.
The plugin is deployed on nearly a million websites worldwide, enabling users to
quickly generate custom forms, such as those used for file upload, signing up,
payment, surveys, or contact, on their websites.
Website security and monitoring platform PatchStack found the vulnerability,
which affects all plugin versions earlier than 2.73, on March 27, and Gravity
Forms’ vendor ad