WordPress Plugin Subscribe to Comments is prone to a local file inclusion vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin Subscribe to Comments version 2.1.2 is vulnerable; prior versions are also affected.
Update to plugin version 2.3 or latest
WordPress Plugin Accordion Shortcodes Cross-Site Scripting (2.4.2)
WordPress Plugin Captchinoo, Google recaptcha for admin login page Cross-Site Request Forgery (2.4)
WordPress Plugin Security & Malware scan by CleanTalk Security Bypass (2.50)
WordPress Plugin PPOM for WooCommerce Same Origin Method Execution (SOME) (14.0)