PLUGIN SECURITY
Is Instagram Feed safe?
Known vulnerabilities, PHP compatibility and safer alternatives for the Instagram Feed WordPress plugin — checked against WP Clinic's local security database.
Plugin details
- Slug:
instagram-feed
Known vulnerabilities
- Smash Balloon Social Photo Feed – Easy Social Feeds Plugin [instagram-feed] < 1.6
- Smash Balloon Social Photo Feed – Easy Social Feeds Plugin [instagram-feed] < 1.4.7
- Smash Balloon Social Photo Feed – Easy Social Feeds Plugin [instagram-feed] < 2.9.2
- Smash Balloon Social Photo Feed – Easy Social Feeds Plugin [instagram-feed] < 1.12
- Smash Balloon Social Photo Feed – Easy Social Feeds Plugin [instagram-feed] < 1.6
+ 7 more known vulnerabilities
- Smash Balloon Social Photo Feed – Easy Social Feeds Plugin [instagram-feed] < 1.4.7
- Smash Balloon Social Photo Feed – Easy Social Feeds Plugin [instagram-feed] < 1.12
- Smash Balloon Social Photo Feed – Easy Social Feeds Plugin [instagram-feed] < 1.6
- Smash Balloon Social Photo Feed – Easy Social Feeds Plugin [instagram-feed] < 1.4.7
- Smash Balloon Social Photo Feed – Easy Social Feeds Plugin [instagram-feed] < 2.9.2
- CVE-2025-4583 — Smash Balloon Social Photo Feed – Easy Social Feeds Plugin [instagram-feed] < 6.9.1 (XSS) · Medium
- CVE-2026-12002 — Smash Balloon Social Photo Feed – Easy Social Feeds Plugin [instagram-feed] < 6.11.2 (CSRF) · Medium
Vulnerabilities are matched against the exact installed version when it's known. Always keep the plugin updated to the latest release.
Check your own WordPress site
Run a free passive scan now, or create a free account and install the WP Clinic plugin for a deep scan of your whole hosting account and AI-assisted repair.