One of our missions at WP Engine is to provide you with the most secure WordPress experience possible.

With that in mind, we’re immediately updating all of our customers who are using an out-of-date version of the Gravity Forms plugin to the latest version, 1.9.9. This update comes after our partner Sucuri uncovered security issues and vulnerabilities in multiple older versions of the plugin, which have resulted in thousands of WordPress sites being compromised. You can read more about it here.

As a WP Engine customer, no action is required from you—we’ll take care of it. As part of our commitment to you, our team is identifying and cleaning all affected customer sites and upgrading them to Gravity Forms version 1.9.9. We will create a restore point before we update your site to ensure your data is secure in the event that the upgrade causes any form compatibility issues.

Updating to the latest version of Gravity Forms is the only way to ensure that your site is protected from these vulnerabilities.

Thank you for entrusting your WordPress sites and your business to WP Engine. If you have any concerns, please do not hesitate to contact our Technical Support team.

More WordPress News from WP Engine

Join the conversation.

Leave a Comment.

There are 3 comments

  • Bryce on
    May 29, 2015 at 12:19 am

    Have you run into any notification email issues after the update?

    Reply
  • Bill on
    June 1, 2015 at 5:28 pm

    I am still getting emails about this, even though I have already removed the Gravity Forms plugin from the site.

    Regards,
    Bill Gordon

    Reply
  • quangdung on
    August 25, 2015 at 4:00 am

    Please help me to add key to version 1.9.4

    Reply