WordPress Plugin WordPress File Upload is prone to a cross-site request forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application; other attacks are also possible. WordPress Plugin WordPress File Upload version 2.4.1 is vulnerable; prior versions may also be affected.
Update to plugin version 2.4.2 or latest
WordPress Plugin YOP Poll Cross-Site Scripting (6.0.2)
WordPress Plugin Contact Bank-Contact Form Builder for WordPress Cross-Site Scripting (2.0.226)
WordPress Plugin Category Grid View Gallery Cross-Site Scripting (2.3.3)
WordPress Plugin WP Block and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection-StopBadBots Unspecified Vulnerability (6.66)
WordPress Plugin Hunk External Links Cross-Site Scripting (3.0.5)