Title: Plugin vulnerable
Last modified: October 3, 2025

---

# Plugin vulnerable

 *  [dccorp](https://wordpress.org/support/users/dccorp/)
 * (@dccorp)
 * [7 months, 3 weeks ago](https://wordpress.org/support/topic/plugin-vulnerable-7/)
 * Hi,
 * Wordfence is signaling a vulnerability, please check this issue:
 * [https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/ht-instagram/ht-feed-130-authenticated-contributor-stored-cross-site-scripting](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/ht-instagram/ht-feed-130-authenticated-contributor-stored-cross-site-scripting)
 * Thank you,

Viewing 1 replies (of 1 total)

 *  Plugin Contributor [Zenaul Islam](https://wordpress.org/support/users/zenaulislam/)
 * (@zenaulislam)
 * [7 months, 3 weeks ago](https://wordpress.org/support/topic/plugin-vulnerable-7/#post-18670751)
 * Hi [@dccorp](https://wordpress.org/support/users/dccorp/),
 * Thank you for bringing this to our attention.
    We’ve already fixed this vulnerability
   and released an updated version **1.3.1** of the plugin. Please make sure you’re
   using the latest version to stay fully protected.
 * Best regards,
    Zenaul Islam

Viewing 1 replies (of 1 total)

The topic ‘Plugin vulnerable’ is closed to new replies.

 * ![](https://ps.w.org/ht-instagram/assets/icon-128x128.png?rev=2875739)
 * [HT Feed](https://wordpress.org/plugins/ht-instagram/)
 * [Support Threads](https://wordpress.org/support/plugin/ht-instagram/)
 * [Active Topics](https://wordpress.org/support/plugin/ht-instagram/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/ht-instagram/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/ht-instagram/reviews/)

 * 2 replies
 * 2 participants
 * Last reply from: [Zenaul Islam](https://wordpress.org/support/users/zenaulislam/)
 * Last activity: [7 months, 3 weeks ago](https://wordpress.org/support/topic/plugin-vulnerable-7/#post-18670751)
 * Status: not resolved