Title: Java vulnerability – is this plugin compliant? Last modified: December 17, 2021 --- # Java vulnerability – is this plugin compliant? * Resolved [jentech](https://wordpress.org/support/users/jentech/) * (@jentech) * [4 years, 5 months ago](https://wordpress.org/support/topic/java-vulnerability-is-this-plugin-compliant/) * Hi, we have been alerted by Auth.net about a known vulnerability and instruictions to update client applications, is this plugin compliant? Here is the message: * * * * * ``` We are aware of the vulnerability recently identified that affects websites or applications using Java, specifically the log4j versions 2.0 – 2.14.1. These versions primarily use the "jndi:" logging. ... In order to mitigate additional vulnerabilities, you or your web developer or solution provider should switch any current log4j2.formatMsgNoLookups to a status of true by adding:"‐Dlog4j2.formatMsgNoLookups=True" to the JVM command used for starting the application. Additionally, to help prevent the library being exploited, we urgently recommend that any Java Log4j versions are upgraded to log4j-2.15.0. ``` * * * * * Is this plugin compliant with instructions above? * The page I need help with: _[[log in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Fjava-vulnerability-is-this-plugin-compliant%2F%3Foutput_format%3Dmd&locale=en_US) to see the link]_ Viewing 2 replies - 1 through 2 (of 2 total) * [3 Sons Development](https://wordpress.org/support/users/3sonsdevelopment/) * (@3sonsdevelopment) * [4 years, 5 months ago](https://wordpress.org/support/topic/java-vulnerability-is-this-plugin-compliant/#post-15199386) * Hi [@jentech](https://wordpress.org/support/users/jentech/), * WooCommerce does not run on Java. You’ll find a good bit of JavaScript but despite the name, that does not have anything to do with the Java language. * If you have any questions, let us know. * Cheers * [Mirko P.](https://wordpress.org/support/users/rainfallnixfig/) * (@rainfallnixfig) * [4 years, 4 months ago](https://wordpress.org/support/topic/java-vulnerability-is-this-plugin-compliant/#post-15216168) * Hi there, * We haven’t heard from you in a while, so I’m going to mark this as resolved. Feel free to start a new thread if you have any more questions. Viewing 2 replies - 1 through 2 (of 2 total) The topic ‘Java vulnerability – is this plugin compliant?’ is closed to new replies. * ![](https://ps.w.org/woocommerce/assets/icon.svg?rev=3234504) * [WooCommerce](https://wordpress.org/plugins/woocommerce/) * [Frequently Asked Questions](https://wordpress.org/plugins/woocommerce/#faq) * [Support Threads](https://wordpress.org/support/plugin/woocommerce/) * [Active Topics](https://wordpress.org/support/plugin/woocommerce/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/woocommerce/unresolved/) * [Reviews](https://wordpress.org/support/plugin/woocommerce/reviews/) * 2 replies * 3 participants * Last reply from: [Mirko P.](https://wordpress.org/support/users/rainfallnixfig/) * Last activity: [4 years, 4 months ago](https://wordpress.org/support/topic/java-vulnerability-is-this-plugin-compliant/#post-15216168) * Status: resolved