Gravatar support is provided natively in WordPress as of v2.5[1] and in web based project management application Redmine beginning with version 0.8.

[3][4] A user's profile data is available in a number of metadata standards, including hCard, JSON, XML, PHP, and vCard as well as via QR codes.

[10] Matt Mullenweg announced on The Big Web Show on 2 December 2010 that Gravatar was serving approximately 20 billion images per day.

[12] Subsequently, in 2013, security researcher Dominique Bongard presented that he was able to determine 45% of the email addresses used to post comments on a well-known French political forum by using Gravatar URLs and the open source Hashcat password cracking tool.

[14] This is in addition to the fact that the MD5 hashing algorithm itself is severely compromised and unfit for cryptographic applications; the CMU Software Engineering Institute has recommended against its use in any capacity since the end of 2008.

167 million names, usernames and MD5 hashes of email addresses used to reference users' avatars were subsequently scraped and distributed within the hacking community.