The WordPress Kali Forms plugin (30,000+ active installations) fixed multiple vulnerabilities affecting version 2.1.2 and below.
The WordPress CMP – Coming Soon and Maintenance plugin (100k+ active installations) fixed multiple vulnerabilities.
The Product Input Fields for WooCommerce plugin (5,000+ active installations) fixed a high severity vulnerability that could allow an unauthenticated user to download any file from the blog, including the WordPress configuration file.
A critical vulnerability in the WordPress Adning Advertising plugin (8k+ installations) is currently actively exploited in the wild.
The Security and Malware Scan by CleanTalk plugin for WordPress (5,000+ active installations) fixed a vulnerability affecting version 2.50 and below that could allow any authenticated user to interact with all its AJAX actions.