WordPress Plugin Ultimate Member-User Profile, User Registration, Login & Membership is prone to an open redirect vulnerability because the application fails to properly verify user-supplied input. Exploiting this issue may allow attackers to redirect users to arbitrary web sites and conduct phishing attacks; other attacks are also possible. WordPress Plugin Ultimate Member-User Profile, User Registration, Login & Membership version 2.3.1 is vulnerable; prior versions may also be affected.
Update to plugin version 2.3.2 or latest
WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.10)
WordPress Plugin 2Way VideoCalls and Random Chat-HTML5 Webcam Videochat Cross-Site Scripting (4.41)
WordPress Plugin Mini Mail Dashboard Widget Cross-Site Scripting (1.42)
WordPress Plugin WP SEO Tags Cross-Site Scripting (2.2.7)