WordPress WP Statistics plugin versions 13.0 to 13.0.7 suffer from a remote unauthenticated blind SQL injection vulnerability.
dba4efd5e93d07eb78cf38fe1ac3e56f720b56d00529815d029b973a3a8abb18
WordPress WP-FileManager plugin version 6.8 remote code execution exploit.
749e41357c44162f47f36ada564f71b7a2871f5903c2a54b740a9a3b2ffd69e1