Open Redirect Vulnerability in CRM Perks Connector for Gravity Forms and Google Sheets
CVE-2025-54681

4.7MEDIUM

Key Information:

Vendor: WordPress
Status: Connector For Gravity Forms And Google Sheets
Vendor: CVE Published:; 14 August 2025

What is CVE-2025-54681?

The CRM Perks Connector for Gravity Forms and Google Sheets is susceptible to an Open Redirect vulnerability, which allows attackers to redirect users to untrusted sites. This flaw can be exploited to facilitate phishing attacks, potentially compromising user credentials and sensitive information. The issue affects all versions from n/a up to 1.2.4, enabling malicious actors to deceive users and divert them to harmful destinations.

Affected Version(s)

Connector for Gravity Forms and Google Sheets <= 1.2.4

References

https://patchstack.com/database/wordpress/plugin/wp-gravi...

vdb-entry

CVSS V3.1

Score:

4.7

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 14, 2025
Vulnerability Reserved
Jul 28, 2025

Credit

Nguyen Xuan Chien (Patchstack Alliance)