• WordPress Plugin Essential Addons for Elementor is prone to a server-side request forgery vulnerability. An attacker may leverage this issue to make the vulnerable server perform port scanning of hosts in internal or external networks; other attacks are also possible. WordPress Plugin Essential Addons for Elementor version 2.9.8 is vulnerable; prior versions may also be affected.

• Disable the plugin until a fix is available

• • https://www.pluginvulnerabilities.com/2019/02/25/closed-popular-wordpress-plugin-essential-addons-for-elementor-contains-an-authenticated-ssrf-vulnerability/

• 

• CWE-918

• Missing Update SSRF

• WordPress Plugin WatuPRO Multiple Vulnerabilities (4.8.8.4)
• WordPress Plugin Yasr-Yet Another Stars Rating PHP Object Injection (1.8.6)
• WordPress Plugin iThemes Security (formerly Better WP Security) Multiple Cross-Site Scripting Vulnerabilities (3.4.3)
• WordPress Plugin Easy Forms for MailChimp Unspecified Vulnerability (6.0.3.2)
• WordPress Plugin VaultPress Cross-Site Scripting (1.7.7)