WordPress Plugin Currency Switcher for WooCommerce is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently do conversions in currencies that aren't enabled in settings. WordPress Plugin Currency Switcher for WooCommerce version 2.11.1 is vulnerable; prior versions may also be affected.
Update to plugin version 2.11.2 or latest
WordPress 4.8.x Multiple Vulnerabilities (4.8 - 4.8.19)
WordPress Plugin MAC PHOTO GALLERY 'upload-file.php' Arbitrary File Upload (2.7)
WordPress Plugin Front-end Editor 'upload.php' Arbitrary File Upload (2.2.1)
WordPress Plugin Form Maker by 10Web-Mobile-Friendly Drag & Drop Contact Form Builder Unspecified Vulnerability (1.6.5)