PDF Security Bug Fixes in Gravity PDF 4.0.4

Gravity PDF 4.0.4 Now Available

The most important change in this release was to fix a vulnerability surrounding password-protected documents. We had reports that Apple’s Finder software would show the contents of password-protected PDFs without asking for a password. This release fixes this issues.

You may also be happy to hear that Gmail has resolved a bug that was preventing Gravity PDF’s Secured PDFs from being opened in the Google Docs Viewer.

Other notable fixes include an update to the Font Manager, which was unusable for anyone who wasn’t running WordPress 4.5+, and automatically adding line break HTML (<br> tags) in the header / footer content.


  • Prevent Finder (Mac) and Ghostscript viewing / processing password-protected PDFs without a password (GH#467)
  • Fix Font Manager display issues for users running a version of WP lower than 4.5 (GH#470)
  • Ensure new lines in Header / Footer automatically converted to <p> or <br> tags using wpautop() (GH#472)
  • Fix issue in $form_data where Radio / Checkbox fields wouldn’t display site-owner entered HTML (GH#415)
  • Fixed conflict with Enhanced Media Library plugin (GH#433)
  • Fixed issue with encoded characters in saved PDF filename (GH#475)
  • Fixed issue where PDF settings would always set to “active” when saved (GH#477)
  • Fixed deprecation notice for multisites using WordPress 4.6 (GH#479)
  • Apply esc_html() and esc_url() to PDF name and URL in admin area (GH#484)

This update is now available via one-click updates in your WordPress admin area and through WordPress.org.

For the best experience we recommend you keep WordPress, your plugins and PHP updated.