‘Gravity Forms’ WordPress Plugin Found Vulnerable to PHP Object Injection

Gravity Forms, a popular WordPress plugin, has been found vulnerable to unauthenticated PHP Object Injection attacks. The plugin is deployed on nearly a million websites worldwide, enabling users to quickly generate custom forms, such as those used for file upload, signing up, payment, surveys, or contact, on their websites. Website security and monitoring platform PatchStack found the vulnerability, which affects all plugin versions earlier than 2.73, on March 27, and Gravity Forms’ vendor ad