Gravity Forms < 2.7.5 - Reflected XSS
Description
Gravity Forms plugin before 2.7.5 has a reflected XSS vulnerability due to unescaped URLs in attributes, allowing attacks against high-privileged users.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
The Gravity Forms WordPress plugin, in versions before 2.7.5, fails to escape generated URLs before outputting them inside HTML attributes, which allows reflected cross-site scripting (XSS). All versions prior to 2.7.5 are affected. [1]
Exploitation
An attacker can craft a malicious URL that, when visited by a high-privileged user (e.g., an administrator), injects arbitrary JavaScript into the page. The attacker needs no authentication, but exploitation relies on the victim opening the crafted link. A proof of concept is available from the researcher. [1]
Impact
Successful exploitation allows the attacker to execute arbitrary JavaScript in the context of the victim's session. This can lead to theft of cookies, session tokens, or performing actions on behalf of the admin, potentially compromising the entire WordPress site.
Mitigation
The vulnerability is fixed in Gravity Forms 2.7.5. Users should update to 2.7.5 or later immediately. No workarounds are mentioned. The plugin is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog as of the publication date. [1]
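The bug class described above (a server-generated URL echoed into an attribute without escaping) and the fix pattern, as an added illustration that is not Gravity Forms' code and is not taken from the reference. The functions example_vulnerable_link and example_hardened_link are hypothetical; add_query_arg(), esc_url() and esc_attr() are the standard WordPress functions and the snippet assumes WordPress is loaded.

```php
<?php
// Illustrative example (not Gravity Forms' code). Assumes WordPress is loaded so
// that add_query_arg(), esc_url() and esc_attr() are available.

// Vulnerable pattern: add_query_arg() called without a base URL builds the link
// from $_SERVER['REQUEST_URI'], so the "generated" URL still carries whatever
// the requester put in the path or query string. Echoing it straight into the
// href attribute lets a crafted request break out of the attribute: reflected XSS.
function example_vulnerable_link( $page ) {
    $url = add_query_arg( 'page', $page );          // derived from REQUEST_URI
    return '<a href="' . $url . '">Settings</a>';   // no escaping: vulnerable
}

// Hardened pattern: escape at the point of output, even for URLs the code
// built itself. esc_url() drops characters that are not valid in a URL
// (including ", <, > and whitespace) and entity-encodes & and ', so the value
// cannot terminate the attribute. esc_attr() covers non-URL attribute values.
function example_hardened_link( $page, $title ) {
    $url = add_query_arg( 'page', $page );
    return '<a href="' . esc_url( $url ) . '" title="' . esc_attr( $title ) . '">Settings</a>';
}
```

When reviewing a plugin for this class of issue, look for any add_query_arg()/remove_query_arg() result, or any value containing REQUEST_URI, that reaches an attribute without passing through esc_url() or esc_attr().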
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: < 2.7.5
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1. wpscan.com/vulnerability/298fbe34-62c2-4e56-9bdb-90da570c5bbe (mitre, exploit, vdb-entry, technical-description)
News mentions
No linked articles in our index yet.