Are You Using Gravity Forms? If So, You Need To Update

If you or your organization is using Gravity Forms, from RocketGenius, Inc. then you need to update to the latest version ASAP. The most recent version is 1.9.9 and the need to update comes after security provider, Sucuri, uncovered security issues and vulnerabilities in multiple older versions of the plugin, which have resulted in thousands of WordPress sites being compromised.

Adaptistration People 026It’s worth mentioning this here in what would otherwise be something relegated to internal IT communication because an increasing number of performing arts organizations are foregoing the use of formal developer support and opting for the bargain basement, low cost option of cheap hosting and self-managed installations. Granted, sometimes, that’s the only option available but for some, it’s simply a matter of getting suckered into the predatory sales pitch that managing a website is “easy.”

The result is those cheap hosts don’t automatically install updates related to security vulnerabilities (but they’ll be happy to charge you afterward to clean up your compromised site) and unless you’re diligent enough to look at your WordPress install each and every day to look for updates and read the changelog reports, you run a high degree of risk in missing those critical update notices.

From a purely self-interest point of view, every time a performing arts org site becomes compromised, it drives up hosting costs and causes a cascade of problems for everyone else out there staying on top of site security. So please, if your site is using WordPress (WP) and Gravity Forms (GF), don’t contribute to the problem and make sure both are up to date (as of today, the latest version of WP is 4.2.2 and GF is 1.9.9).

Updating is quick and easy and don’t let this spook you either. Gravity Forms continues to be an excellent provider and this problem has more to do with lazy users and hosts who aren’t doing a very good job at maintaining their installations.

If you’re an executive and you’re not sure if your site uses Gravity Forms, double check with whoever is responsible for your site.

About Drew McManus

"I hear that every time you show up to work with an orchestra, people get fired." Those were the first words out of an executive's mouth after her board chair introduced us. That executive is now a dear colleague and friend but the day that consulting contract began with her orchestra, she was convinced I was a hatchet-man brought in by the board to clean house.

I understand where the trepidation comes from as a great deal of my consulting and technology provider work for arts organizations involves due diligence, separating fact from fiction, interpreting spin, as well as performance review and oversight. So yes, sometimes that work results in one or two individuals "aggressively embracing career change" but far more often than not, it reinforces and clarifies exactly what works and why.

In short, it doesn't matter if you know where all the bodies are buried if you can't keep your own clients out of the ground, and I'm fortunate enough to say that for more than 15 years, I've done exactly that for groups of all budget size from Qatar to Kathmandu.

For fun, I write a daily blog about the orchestra business, provide a platform for arts insiders to speak their mind, keep track of what people in this business get paid, help write a satirical cartoon about orchestra life, hack the arts, and love a good coffee drink.

Related Posts

Leave a Comment