WordPress Plugin Qode Twitter Feed (embeded in Bridge-Creative Multi-Purpose WordPress Theme) is prone to an open redirect vulnerability because the application fails to properly verify user-supplied input. Exploiting this issue may allow attackers to redirect users to arbitrary web sites and conduct phishing attacks; other attacks are also possible. WordPress Plugin Qode Twitter Feed (embeded in Bridge-Creative Multi-Purpose WordPress Theme) version 2.0.1 is vulnerable; prior versions may also be affected.
Update to plugin version 2.0.2 (theme version 18.2.1) or latest, or delete the redirect script
WordPress Plugin WP Custom Cursors Multiple Vulnerabilities (3.0)
WordPress Plugin Tune Library 'letter' Parameter SQL Injection (1.5.1)
WordPress Plugin Advanced Order Export For WooCommerce Cross-Site Scripting (3.1.3)
WordPress Plugin Spreadsheet (wpSS) SQL Injection (0.62)