Gravity Forms Plugin V1.9.4 Released With Fixing Blind SQL Injection Vulnerability
A new version of Gravity Forms released by Rocketgenius – Gravity Forms V1.9.4 and you can download the latest version of Gravity Forms Plugin for free from members area or you can update it from WordPress admin panel. It is a maintenance security release which comes with adding new features & fixing bugs in earlier version. The updated version comes with a fix for a blind SQL injection vulnerability. It is recommended to all users that they must update Gravity Forms plugin to latest version as soon as possible. Before updating Gravity Forms plugin to latest version it is recommended to all users that they must update files & database so that if something foes wrong then you can easily backup your files & database in a single click.
Below you can find the number of changes made in the latest version of Gravity Forms plugin:
What’s New in Gravity Forms v1.9.4
Added 2 new ready classes: gf_simple_horizontal and gf_section_right.
Added logging for $phpmailer->ErrorInfo.
Updated the Number field to include the thousands separator when returning a validation failure if the input type is ‘text’. Some browsers do not allow commas when using the HTML5 ‘number’ input type.
Updated number formatting to include the thousands separator on the entry list and detail pages and when merge tags are processed. The :value modifier will return the value without the thousand separator.
Fixed security issue in the import process of legacy forms on some systems.
Fixed an issue with GFCommon::format_number using the currency defined on the Forms > Settings page instead of the currency used with the entry which resulted in the number being incorrectly formatted when using the third-party
Gravity Forms Multi Currency add-on.
Fixed an issue with conditional logic not updating the enhanced UI after resetting the value of the underlying select element.
Fixed a security vulnerability in the admin area that could be exploited by users with permission to edit forms in the WordPress Dashboard which is admin only by default. Credit: 10up.
Fixed a security vulnerability for forms that require login. Caching pages with forms that require login will now cause submissions to fail.
Fixed issue with chosen sprite file name. Renamed it to prevent issues on some server configurations.
Fixed calculations in the the post custom field when when the input type is set to number and calculations are enabled.
Fixed an issue with the ID attributes of the left span elements of Email and Password fields.
Fixed an issue with the field label for attribute in the form editor containing an extra underscore.
Add-On Framework Updates in Gravity Forms v1.9.4
All these changes and regular updates make Gravity Forms a must have plugin for creating customizable contact forms. So, for what you are waiting for? Update Gravity Forms plugin to latest version as soon as possible and if you do not own Gravity Forms plugin, then you can get it from here:
If you have any query do let me know via comments!