One of our missions at WP Engine is to provide you with the most secure WordPress experience possible.

With that in mind, we’re immediately updating all of our customers who are using an out-of-date version of the Gravity Forms plugin to the latest version, 1.9.9. This update comes after our partner Sucuri uncovered security issues and vulnerabilities in multiple older versions of the plugin, which have resulted in thousands of WordPress sites being compromised. You can read more about it here.

As a WP Engine customer, no action is required from you—we’ll take care of it. As part of our commitment to you, our team is identifying and cleaning all affected customer sites and upgrading them to Gravity Forms version 1.9.9. We will create a restore point before we update your site to ensure your data is secure in the event that the upgrade causes any form compatibility issues.

Updating to the latest version of Gravity Forms is the only way to ensure that your site is protected from these vulnerabilities.

Thank you for entrusting your WordPress sites and your business to WP Engine. If you have any concerns, please do not hesitate to contact our Technical Support team.