WordPress Plugin Wp-FileManager is prone to a vulnerability that attackers can exploit to upload arbitrary PHP script code and execute it in the context of the webserver process. WordPress Plugin Wp-FileManager version 1.2 is vulnerable; other versions may also be affected.
Update to the latest version
WordPress Plugin Shortlinks by Pretty Links-Best WordPress Link Tracking Multiple Cross-Site Scripting Vulnerabilities (2.1.2)
WordPress Plugin Default Facebook Thumbnails Multiple Vulnerabilities (0.4)
WordPress Plugin 2Way VideoCalls and Random Chat-HTML5 Webcam Videochat Cross-Site Scripting (4.41)
WordPress Plugin Comments Disable-AccessPress includes Backdoor [Only if downloaded via the vendor website] (1.0.7)
WordPress Plugin Pluginception Multiple Cross-Site Scripting Vulnerabilities (1.2)