(402) 817-2630 help@fivenines.com

Three February WordPress Plugin Vulnerabilities that Require Remediation

In February, there have been three critical vulnerabilities with plugins that you need to remediate to protect your WordPress website. While Five Nines does not support WordPress websites, we monitor and notify our customers when critical vulnerabilities exist to enhance their security.

Vulnerability 1:

NextGen Gallery, a WordPress plugin installed on 800,000 websites, has two critical vulnerabilities and needs to be updated to version 3.5.0 immediately.

What to do:

1. Log into your WordPress dashboard and see if you utilize the NextGen Gallery plugin.
2. If you do, contact your website manager and ask them to update the plugin version to 3.5.0.
3. Clear your site’s cache

You can read more about this vulnerability here.

Vulnerability 2:

“Contact Form 7 Style” is a plugin add-on used by Contact Form 7 plugin users to add additional styles to their WordPress contact forms. It is installed on 50,000 websites. There is a critical vulnerability, and the creators are no longer maintaining the plugin. It needs to be removed and replaced if being used.

What to do:

  1. Log into your WordPress dashboard and see if you utilize the Contact Form 7 or Contact Form 7 Styles plugins.
  2. If you do, contact your website manager and ask them to remove the Contact Form 7 Styles plugin and find a replacement.
  3. Clear your site’s cache

You can read more about the vulnerability here.

Vulnerability 3:

Responsive Menu, a WordPress plugin installed on 100,000 websites, has three critical vulnerabilities and needs to be updated to version 4.0.4 immediately.

What to do:

  1. Log into your WordPress dashboard and see if you utilize the Responsive Menu plugin.
  2. If you do, contact your website manager and ask them to update the plugin version to 4.0.4.
  3. Clear your site’s cache

You can read more about this vulnerability here: