WordPress Plugin Email Log is prone to an SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. WordPress Plugin Email Log version 2.4.6 is vulnerable; prior versions may also be affected.
Update to plugin version 2.4.7 or latest
Drupal Core 9.0.x Cross-Site Request Forgery (9.0.0 - 9.0.14)
WordPress Plugin Dokan-Best WooCommerce Multivendor Marketplace Solution-Build Your Own Amazon, eBay, Etsy Cross-Site Request Forgery (3.0.8)
WordPress Plugin Form Maker by 10Web-Mobile-Friendly Drag & Drop Contact Form Builder Cross-Site Scripting (1.11.1)
WordPress Plugin Profile Builder-User Profile & User Registration Forms Security Bypass (2.3.5)
WordPress Plugin BuddyBoss Wall Cross-Site Scripting (1.1.7)