WordPress Plugin kk Star Ratings is prone to a remote file include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible. WordPress Plugin kk Star Ratings version 1.7 is vulnerable; prior versions may also be affected.
Update to plugin version 1.7.2 or latest
Joomla! Core Local File Inclusion (2.5.0 - 3.8.8)
WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner Directory Traversal (3.1.4)
WordPress Plugin Registrations for the Events Calendar-Event Registration Cross-Site Scripting (2.7.9)
WordPress Plugin Image Gallery with Slideshow 'upload-file.php' Arbitrary File Upload (1.5)
WordPress Plugin DELUCKS SEO Unspecified Vulnerability (1.2.2)