Gravity Forms
N/A
Developer
N/A
Latest version
N/A
Installations
N/A
Last updated
Vulnerability history
0 present
13 patched
7 Mitigation rules
- Authenticated (Subscriber+) Stored Cross-Site Scripting via Form Title vulnerability<= 2.9.2812/03/2026
- WordPress GravityForms plugin 2.9.0.1 - 2.9.1.3 - Unauthenticated Stored Cross-Site Scripting via 'style_settings' parameter vulnerability2.9.0.1-2.9.1.331/12/2025
- Unauthenticated Arbitrary File Upload vulnerability< 2.9.23.125/12/2025
- Unauthenticated Arbitrary File Upload via Legacy Chunked Upload vulnerability<= 2.9.21.117/11/2025
- Unauthenticated Arbitrary File Upload via 'copy_post_image' vulnerability<= 2.9.2007/11/2025
- Unauthenticated Stored Cross-Site Scripting via 'alt' parameter vulnerability<= 2.9.1.316/01/2025
- Reflected XSS vulnerability< 2.7.526/06/2023
- Unauthenticated PHP Object Injection vulnerability<= 2.7.329/05/2023
- XSS<= 2.0.6.513/10/2016
- Arbitrary File Upload<= 1.8.1917/06/2016
- Authenticated Reflected XSS<= 1.9.15.1101/03/2016
- Cross Site Scripting<= 1.9.620/04/2015
- SQL Injection<= 1.9.3.517/03/2015