WordPress Plugin Qode Instagram Widget (embeded in Bridge-Creative Multi-Purpose WordPress Theme) is prone to an open redirect vulnerability because the application fails to properly verify user-supplied input. Exploiting this issue may allow attackers to redirect users to arbitrary web sites and conduct phishing attacks; other attacks are also possible. WordPress Plugin Qode Instagram Widget (embeded in Bridge-Creative Multi-Purpose WordPress Theme) version 2.0.1 is vulnerable; prior versions may also be affected.
Update to plugin version 2.0.2 (theme version 18.2.1) or latest, or delete the redirect script
WordPress Plugin SodaHead Polls Multiple Cross-Site Scripting Vulnerabilities (2.0.2)
WordPress Plugin BuddyPress Docs Security Bypass (1.9.2)
WordPress Plugin Zendesk Chat Cross-Site Request Forgery (1.4.5)
WordPress Plugin UsersWP-Front-end login form, User Registration, User Profile & Members Directory for WordPress Security Bypass (1.2.3)