WordPress Plugin Import Export WordPress Users is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently import new users via a CSV file, including administrative-level users. WordPress Plugin Import Export WordPress Users version 1.3.8 is vulnerable; prior versions may also be affected.
Update to plugin version 1.3.9 or latest
WordPress Plugin Media Usage Cross-Site Scripting (0.0.4)
WordPress Plugin Asgaros Forum Cross-Site Request Forgery (1.5.8)
WordPress Plugin Shopping Cart & eCommerce Store Arbitrary File Upload (3.0.8)
WordPress Plugin EWWW Image Optimizer Cross-Site Scripting (2.0.1)
WordPress Plugin SAML SP Single Sign On-SSO login Cross-Site Scripting (4.8.83)