WordPress Plugin Redirection is prone to a local file inclusion vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin Redirection version 2.7.3 is vulnerable; prior versions may also be affected.
Update to plugin version 2.8 or latest
WordPress Plugin Simple Yearly Archive Cross-Site Scripting (2.1.8)
WordPress Cross-Site Scripting Vulnerability (3.0 - 3.6.1)
WordPress Plugin WP to Twitter Cross-Site Request Forgery (3.2.9)
WordPress Plugin Afterpay Gateway for WooCommerce Cross-Site Scripting (3.2.0)