WordPress Plugin Zingiri Web Shop is prone to a remote file include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible. WordPress Plugin Zingiri Web Shop version 2.4.6 is vulnerable; prior versions may also be affected.
Update to plugin version 2.4.7 or latest
WordPress Plugin LIQUID SPEECH BALLOON Cross-Site Scripting (1.0.6)
WordPress 4.1.x Prototype Pollution (4.1 - 4.1.34)
WordPress Plugin RK Responsive Contact Form SQL Injection (1.0.0)
WordPress Plugin Multi Step Form Multiple Cross-Site Scripting Vulnerabilities (1.2.5)
WordPress Plugin JupiterX Core Multiple Vulnerabilities (2.0.6)