WordPress Plugin WordPress Download Manager is prone to an open redirect vulnerability because the application fails to properly verify user-supplied input. Exploiting this issue may allow attackers to redirect users to arbitrary web sites and conduct phishing attacks; other attacks are also possible. WordPress Plugin WordPress Download Manager version 2.9.50 is vulnerable; prior versions are also affected.
Update to plugin version 2.9.51 or latest
WordPress Plugin Easy Social Icons Cross-Site Scripting (3.1.2)
WordPress Plugin DP Thumbnail TimThumb Arbitrary File Upload (1.0)
WordPress Plugin Simple Yearly Archive Cross-Site Scripting (2.1.8)
WordPress Plugin Paid Memberships Pro-Restrict Member Access to Content, Courses, Communities-Free or Paid Subscriptions Cross-Site Scripting (184.108.40.206)
WordPress Plugin RocketTheme RokBox Multiple Vulnerabilities (2.13)