Malware Found in Official GravityForms Plugin Indicating Supply Chain Breach
9 comments
·July 12, 2025mpol
jimjambw
I’m from a technical background and so I understand this but being a Brit sentences like this are always funny to me
theglenn88_
Not On Normal Courtyard Exercise
giingyui
Should say what plugin it is.
Etheryte
It's in the title? It's the official GravityForms plugin, supposedly version 2.9.13 fixes the issue, but the changelog [0] doesn't even mention the breach.
giingyui
The way it’s worded in the article it sounds like there are multiple plugins available in that domain.
> one of the plugins that they are trying to download from the official gravityforms.com domain
It’s common for certain plugins to have… plugins of their own. For example if you have a form created with gravityforms and you want to connect it to a CRM or something, there is a screen inside the plugin settings to install it. Which is why I asked. (I don’t know if that’s the case with gravityforms.)
redrove
Honestly it still required a web search on my part to figure out it’s a WordPress plugin. That should be in the title.
autoexec
Any time I read the words vulnerable and plugin I just assume WordPress is involved somehow. I'm convinced that the internet would be instantly more secure if the entire platform died off.
Using a nonce before checking the form would have prevented much of the problems described. Or stated differently, it would suddenly require lots of manual labour.