WordPress Plugin WP Statistics is prone to an SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. WordPress Plugin WP Statistics version 9.4 is vulnerable; prior versions may also be affected.
Update to plugin version 9.4.1 or latest
WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Cross-Site Scripting (3.9.4)
WordPress Plugin Broadcast Live Video-Live Streaming:HTML5, WebRTC, HLS, RTSP, RTMP Multiple Vulnerabilities (4.27.4)
WordPress Plugin Simple Fields Local File Inclusion (0.3.5)
WordPress Plugin Ad Swapper Cross-Site Scripting (1.0.3)
WordPress Plugin Mobile App Native (Make a mobile app-Native iPhone & Android Mobile App FREE) Arbitrary File Upload (3.0)