WordPress Plugin Mailing List is prone to a remote file include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue could allow an attacker to compromise the application and the underlying system; other attacks are also possible. WordPress Plugin Mailing List version 1.3.3 is vulnerable; other versions may also be affected.
Update to plugin version 1.3.4 or latest
WordPress Plugin EWWW Image Optimizer Denial of Service (6.0.1)
WordPress Plugin GiveWP-Donation and Fundraising Platform Cross-Site Scripting (0.8)
WordPress Plugin NewStatPress Cross-Site Scripting (1.0.5)
WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.12)
WordPress Plugin Invite Anyone PHP Object Injection (1.3.18)