WordPress Plugin Events Search For The Events Calendar is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently download and extract a remote ZIP file on the blog, which can lead to remote code execution. WordPress Plugin Events Search For The Events Calendar version 1.1.3 is vulnerable; prior versions may also be affected.
Update to plugin version 1.2 or latest
WordPress Plugin AddToAny Share Buttons Cross-Site Scripting (1.6.6)
WordPress Plugin Olimometer SQL Injection (2.56)
WordPress Plugin BackWPup Security Bypass (3.4.1)
WordPress 3.0.3 KSES Library Cross-Site Scripting Vulnerability (0.6.2 - 3.0.3)
WordPress Plugin YOP Poll Multiple Cross-Site Scripting Vulnerabilities (4.9.1)