WordPress Plugin W3 Total Cache is prone to a server-side request forgery vulnerability. An attacker may leverage this issue to make the vulnerable server perform port scanning of hosts in internal or external networks; other attacks are also possible. WordPress Plugin W3 Total Cache version 0.9.7.3 is vulnerable; prior versions may also be affected.
Update to plugin version 0.9.7.4 or latest
WordPress Plugin Like Dislike Counter SQL Injection (1.2.3)
WordPress Plugin Username Changer Multiple Vulnerabilities (1.4)
WordPress Plugin BookingPress-Appointments Booking Calendar and Online Scheduling SQL Injection (1.0.10)
WordPress Plugin Webmention Cross-Site Scripting (4.0.8)
WordPress Plugin Ultimate Membership Pro Cross-Site Request Forgery (8.6.2)