WordPress JS External Link Info plugin version 1.21 suffers from an open redirection vulnerability.
4c091c9a01dc64ef1f3a7175b8ed1bee96a8e5b9527c30132cac8464113bb6da
downloadcode.php from Shadow Infosystem suffers from an arbitrary file download vulnerability.
b3864dd1aa64620ab5f39a5ee1e756dd75eb81aa18ae0b6acd9703a1adf347dc