WordPress Plugin Theme My Login is prone to a local file inclusion vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin Theme My Login version 6.3.9 is vulnerable; prior versions may also be affected.
Update to plugin version 6.3.10 or latest
WordPress Plugin Comment Extra Fields Multiple Cross-Site Scripting Vulnerabilities (1.7)
WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.8)
WordPress Plugin FormBuilder Multiple Vulnerabilities (1.05)
Drupal Core 7.x Remote Code Execution (7.0 - 7.58)