WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress is prone to a cross-site request forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application; other attacks are also possible. WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress version 3.4.27 is vulnerable; prior versions may also be affected.
Update to plugin version 184.108.40.206 or latest
WordPress Plugin WordPress Infinite Scroll-Ajax Load More Unspecified Vulnerability (2.11.0)
WordPress Plugin Asgaros Forum Security Bypass (1.5.7)
WordPress Plugin Zip Attachments Arbitrary File Download (1.4)
WordPress Plugin JVM WooCommerce Wishlist Unspecified Vulnerability (1.2.6)