Bleeping Computer

WordPress Gravity Forms developer hacked to push backdoored plugins

The popular WordPress plugin Gravity Forms has been compromised in what seems a supply-chain attack where manual installers from the official website were infected with a backdoor. Gravity Forms is a ...
IT News For Australia Business

Supply chain attack with malware hits Gravity Forms for WordPress

The developer of Gravity Forms for the WordPress content management system (CMS) has issued an alert about a malware compromise affecting two core plugin packages, which can provide external access to ...
Bleeping Computer

WordPress plugin ‘Gravity Forms’ vulnerable to PHP object injection

The premium WordPress plugin 'Gravity Forms,' currently used by over 930,000 websites, is vulnerable to unauthenticated PHP Object Injection. Gravity Forms is a custom form builder website owners use ...
Dark Reading

Supply Chain Attacks Spotted in GitHub Actions, Gravity Forms, npm

Researchers discovered malicious activity impacting GitHub and popular WordPress and npm tools that could pose significant supply chain risks. In a new report, Armis Labs highlighted three recently ...