WordPress Plugin Product Catalog X is prone to a cross-site request forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application; other attacks are also possible. WordPress Plugin Product Catalog X version 1.5.12 is vulnerable; prior versions may also be affected.
Update to plugin version 1.5.13 or latest
WordPress Plugin UK Cookie Cross-Site Request Forgery (1.1)
WordPress Plugin PowerPress Podcasting by Blubrry Cross-Site Scripting (6.0)
WordPress Plugin WebEngage Feedback, Survey and Notification Cross-Site Scripting (2.0.0)
WordPress Plugin Map Block for Google Maps Unspecified Vulnerability (1.31)
WordPress Plugin DukaPress TimThumb Arbitrary File Upload (2.3.2)