4:["$","div",null,{"className":"wrap","children":[["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"CollectionPage\",\"name\":\"Exposición de Gravity Forms\",\"url\":\"https://vexday.io/es/tech/Gravity%20Forms\",\"isPartOf\":{\"@type\":\"WebSite\",\"name\":\"Vexday\",\"url\":\"https://vexday.io\"},\"mainEntity\":{\"@type\":\"ItemList\",\"numberOfItems\":15},\"breadcrumb\":{\"@type\":\"BreadcrumbList\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Inicio\",\"item\":\"https://vexday.io/es\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Exposición por tecnología\",\"item\":\"https://vexday.io/es/tech\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Gravity Forms\"}]}}"}}],["$","nav",null,{"className":"crumbs","children":[["$","$La",null,{"href":"/es","children":"Inicio"}]," ",["$","span",null,{"children":"/"}]," ",["$","$La",null,{"href":"/es/tech","children":"Exposición por tecnología"}]," ",["$","span",null,{"children":"/"}]," ",["$","b",null,{"children":"Gravity Forms"}]]}],["$","div",null,{"className":"sec-head","style":{"marginTop":18},"children":[["$","h1",null,{"style":{"fontSize":"1.7rem","margin":0,"fontFamily":"var(--font-display)","fontWeight":700},"children":["Exposición de"," ",["$","span",null,{"style":{"color":"var(--orange)"},"children":"Gravity Forms"}]]}],["$","span",null,{"className":"t","children":"Form builders, WordPress plugins"}]]}],["$","div",null,{"className":"band","style":{"marginTop":16},"children":[["$","div",null,{"className":"stat","children":[["$","div",null,{"className":"n","children":"52"}],["$","div",null,{"className":"l","children":"score de exposición"}]]}],["$","div",null,{"className":"stat","children":[["$","div",null,{"className":"n","children":"103.408"}],["$","div",null,{"className":"l","children":"sitios usan"}]]}],["$","div",null,{"className":"stat kev","children":[["$","div",null,{"className":"n","children":"0"}],["$","div",null,{"className":"l","children":"en explotación"}]]}],["$","div",null,{"className":"stat crit","children":[["$","div",null,{"className":"n","children":"2"}],["$","div",null,{"className":"l","children":"críticos"}]]}]]}],["$","div",null,{"className":"sec-head","style":{"marginTop":24},"children":[["$","h2",null,{"children":"CVEs"}],["$","span",null,{"className":"t","children":["15"," ","resultados"]}]]}],["$","div",null,{"className":"list","children":[["$","$La","CVE-2025-12352",{"className":"item","href":"/es/cve/CVE-2025-12352","children":[["$","span",null,{"className":"cid","children":"CVE-2025-12352"}],["$","span",null,{"className":"sevtag CRITICAL","children":"CRITICAL"}],["$","span",null,{"className":"tt2","children":"Gravity Forms <= 2.9.20 - Unauthenticated Arbitrary File Upload via 'copy_post_image'"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.7%"}]]}],false]}]]}],["$","$La","CVE-2023-28782",{"className":"item","href":"/es/cve/CVE-2023-28782","children":[["$","span",null,{"className":"cid","children":"CVE-2023-28782"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress Gravity Forms Plugin <= 2.7.3 is vulnerable to PHP Object Injection"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.6%"}]]}],false]}]]}],["$","$La","CVE-2025-12974",{"className":"item","href":"/es/cve/CVE-2025-12974","children":[["$","span",null,{"className":"cid","children":"CVE-2025-12974"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"Gravity Forms <= 2.9.21.1 - Unauthenticated Arbitrary File Upload via Legacy Chunked Upload"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.6%"}]]}],false]}]]}],["$","$La","CVE-2026-48866",{"className":"item","href":"/es/cve/CVE-2026-48866","children":[["$","span",null,{"className":"cid","children":"CVE-2026-48866"}],["$","span",null,{"className":"sevtag CRITICAL","children":"CRITICAL"}],["$","span",null,{"className":"tt2","children":"WordPress Gravity Forms plugin <= 2.10.0.1 - Arbitrary File Deletion vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.5%"}]]}],false]}]]}],["$","$La","CVE-2026-4406",{"className":"item","href":"/es/cve/CVE-2026-4406","children":[["$","span",null,{"className":"cid","children":"CVE-2026-4406"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"Gravity Forms <= 2.9.30 - Reflected Cross-Site Scripting via 'form_ids' Parameter"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2025-13407",{"className":"item","href":"/es/cve/CVE-2025-13407","children":[["$","span",null,{"className":"cid","children":"CVE-2025-13407"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"GravityForms < 2.9.23.1 - Unauthenticated Arbitrary File Upload"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2024-13377",{"className":"item","href":"/es/cve/CVE-2024-13377","children":[["$","span",null,{"className":"cid","children":"CVE-2024-13377"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"GravityForms <= 2.9.1.3 - Unauthenticated Stored Cross-Site Scripting via 'alt' parameter"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2026-4394",{"className":"item","href":"/es/cve/CVE-2026-4394","children":[["$","span",null,{"className":"cid","children":"CVE-2026-4394"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"Gravity Forms <= 2.9.30 - Unauthenticated Stored Cross-Site Scripting via Credit Card 'Card Type' Sub-Field"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2024-13378",{"className":"item","href":"/es/cve/CVE-2024-13378","children":[["$","span",null,{"className":"cid","children":"CVE-2024-13378"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"GravityForms 2.9.0.1 - 2.9.1.3 - Unauthenticated Stored Cross-Site Scripting via 'style_settings' parameter"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2026-5111",{"className":"item","href":"/es/cve/CVE-2026-5111","children":[["$","span",null,{"className":"cid","children":"CVE-2026-5111"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"Gravity Forms <= 2.10.0 - Unauthenticated Stored Cross-Site Scripting via Hidden Product Field in Repeater"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2026-5110",{"className":"item","href":"/es/cve/CVE-2026-5110","children":[["$","span",null,{"className":"cid","children":"CVE-2026-5110"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"Gravity Forms <= 2.10.0 - Unauthenticated Stored Cross-Site Scripting via Single Product Field Inside Repeater"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.2%"}]]}],false]}]]}],["$","$La","CVE-2026-5109",{"className":"item","href":"/es/cve/CVE-2026-5109","children":[["$","span",null,{"className":"cid","children":"CVE-2026-5109"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"Gravity Forms <= 2.10.0 - Unauthenticated Stored Cross-Site Scripting via Product Option"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.2%"}]]}],false]}]]}],["$","$La","CVE-2026-5113",{"className":"item","href":"/es/cve/CVE-2026-5113","children":[["$","span",null,{"className":"cid","children":"CVE-2026-5113"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"Gravity Forms <= 2.10.0 - Unauthenticated Stored Cross-Site Scripting via Consent Field Hidden Input"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.2%"}]]}],false]}]]}],["$","$La","CVE-2026-5112",{"className":"item","href":"/es/cve/CVE-2026-5112","children":[["$","span",null,{"className":"cid","children":"CVE-2026-5112"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"Gravity Forms <= 2.10.0 - Unauthenticated Stored Cross-Site Scripting via Calculation Product Field in Repeater"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.2%"}]]}],false]}]]}],["$","$La","CVE-2026-3492",{"className":"item","href":"/es/cve/CVE-2026-3492","children":[["$","span",null,{"className":"cid","children":"CVE-2026-3492"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"Gravity Forms <= 2.9.28.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Form Title"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.2%"}]]}],false]}]]}]]}],false,["$","section",null,{"className":"block","style":{"marginTop":28},"children":["$","div",null,{"className":"cta","children":[["$","p",null,{"children":"¿Quieres saber si tu infraestructura está expuesta a esto?"}],["$","a",null,{"className":"btn btn-primary","href":"https://truehacking.ai","target":"_blank","rel":"noopener","children":"Hablar con TrueHacking →"}]]}]}]]}]