WordPress Plugin Download Manager is prone to a vulnerability that lets attackers delete arbitrary files because the application fails to properly verify user-supplied input. An attacker can exploit this vulnerability to delete arbitrary files in the context of the webserver process. WordPress Plugin Download Manager version 3.2.50 is vulnerable; prior versions may also be affected.
Update to plugin version 3.2.51 or latest
WordPress Plugin Side Menu-add fixed side buttons SQL Injection (3.1.3)
Drupal Core 6.x Cross-Site Scripting (6.0 - 6.11)
WordPress Plugin to Manage/Design WordPress Blog-WP Blog Manager Lite includes Backdoor [Only if downloaded via the vendor website] (1.1.0)
WordPress Plugin Leaky Paywall Cross-Site Scripting (4.16.5)