WordPress Plugin Wordpress Uninstall is prone to a cross-site request forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application; other attacks are also possible. WordPress Plugin Wordpress Uninstall version 1.2.1 is vulnerable; prior versions may also be affected.
Edit the source code to ensure that CSRF protection is implemented with Nonce-like mechanism or disable the plugin until a fix is available
WordPress Plugin WP Popup Lite-Responsive popup for WordPress includes Backdoor [Only if downloaded via the vendor website] (1.0.8)
WordPress Plugin Sharebar Multiple Vulnerabilities (1.2.5)
WordPress Plugin FV Flowplayer Video Player Cross-Site Scripting (22.214.171.124)
WordPress Plugin WP GuestMap Multiple Cross-Site Scripting Vulnerabilities (1.8)
WordPress Possible Security Bypass Vulnerability (0.70 - 4.7.4)