The Small Business Website Guy

  • Home
  • Blog
  • About
  • WordPress Help
  • Services
    • WordPress Help
    • Hacked Site Cleanup
    • Website Management Program
    • Domain Registration
    • Web Hosting
  • Testimonials
  • Contact Us

March 2, 2015 by John

Gravity Forms Security Vulnerability Found

A Gravity Forms security vulnerability has been reported. If you are using Gravity Forms, update immediately to the latest version 1.8.20. The security flaw in older versions allows anyone to upload any type of file to the server. While WordPress has mechanisms in place to prevent the upload of certain types of files, this hack allows a malicious visitor to bypass those mechanisms and upload any type of file they choose.

How To Check Your Version of Gravity Forms

When you log in to your WordPress dashboard, click the Plugins link and look at the list of plugins installed on your site. If you have Gravity Forms, it will very likely be indicating that an update is available. You will see the version number you have installed in the description of the plugin. If that version is less than 1.8.20, update immediately.

How To Update Gravity Forms

If you have an active license for Gravity Forms, you can update via your WordPress dashboard, or download the update from your Gravity Forms account and update manually.

If you do not have an active license, you will need to purchase one or find an alternative form builder plugin. Depending what you’re using Gravity Forms for, one may make more sense than the other.

For example, one of my clients was using Gravity Forms for his contact form and nothing else. In that case, buying a license made no sense, especially since it has to be renewed every year. We replaced his old version of Gravity Forms with Formidable Pro for which I have a developer license.

As always, be careful out there!

John Sawyer

Laptop image courtesy of Stuart Miles at FreeDigitalPhotos.net

Like this post?  Sign up below to be notified when new posts are published:

[email protected]
John

Share this post:

TwitterFacebookLinkedIn

Filed Under: Anti-Malware, Safe Computing, Security, Updates, Updates Tagged With: gravity forms, security update, wordpress security

Select Module

Recent Posts

  • Protect Yourself From Router Exploit
  • Is GDPR Compliance The Problem?
  • Warning! WordPress 4.9.6 Is Coming
  • MalwareBytes Update Issue
  • Google Issues New HTTPS Guidelines

Find Your Domain

Find a domain starting at $0.48

powered by Namecheap

Reach new audiences and grow your following

Privacy Policy | Terms of Use

Copyright © 2007-2021 by Chon Resources – All Rights Reserved Worldwide

We use cookies for various purposes including analytics and personalized marketing. By continuing to use the service, you agree to our use of cookies. - Privacy Policy
Protected by WebARX