<ul data-eligibleForWebStory="false"><li>The RocketGenius website served a malicious variant of the Gravity Forms WordPress add-on for two days.</li><li>The variant harvested extensive information and allowed for remote code execution (RCE) attacks.</li><li>The malware affected only manual downloads and composer installations.</li><li>Users who downloaded Gravity Forms directly from RocketGenius' website on July 10 or 11 should delete the plug-in and reinstall a clean version (2.9.13) to ensure security.</li></ul>

WordPress users beware - this popular plugin has been hijacked to push potential malware

Discover more