The WordPress Sparkling theme (30,000+ active installations) fixed a unauthenticated function injection vulnerability affecting version 2.4.8 and below.
WordPress AdSanity plugin is prone to a critical vulnerability affecting version 1.8.1 and below that could allow a low-privilege user to perform arbitrary file upload, remote code execution and stored cross-site scripting attacks.
Code Profiler is a plugin to measure the performance of your WordPress plugins and themes. It makes it super easy to locate any bottleneck in order to speed up your website.
The WordPress JobSearch WP Job Board plugin (1,600+ sales on Envato) fixed a broken access control vulnerability in version 1.8.1 and below that could allow users to take over the website and its database.
The WordPress WP DSGVO Tools (GDPR), which as 30,000+ active installations, fixed a severe vulnerability that is actively exploited in the wild.