A new SQL injection vulnerability was found in the WordPress NextGEN Gallery plugin. NextGEN is a very popular WordPress plugin that has well over 1 million active installs.

In order to protect your website, users of the NextGEN plugin should immediately update to version 2.1.79. This is a very severe vulnerability, so we are expecting a large amount of website will be compromised.

The experts at Downing Media are always available if you need help updating the plugins or conducting a security audit your website. We also have the ability to clean hacked website or websites with viruses.