Researchers revealed that the largely used WordPress plugin ”Gravity Forms” is vulnerable to unauthenticated PHP Object Injection. The flaw was tracked as CVE-2023-28782 and affects all plugin versions from 2.73 and below. The vendor fixed the vulnerability with the release of version 2.7.4, available for users starting April 11th, 2023. Cybersecurity specialists urge website admins […]
The post Warning! WordPress Plugin ”Gravity Forms” Vulnerable to PHP Object Injection appeared first on Heimdal Security Blog.
This article has been indexed from Heimdal Security Blog
Read the original article: