Recently, WordFence released their vulnerability roundup. To view full details, click here. To keep it brief, I’ve added some of the details here:
All-in-One WP Migration Plugin
“The All-in-One WP Migration plugin for WordPress reportedly suffered from a cross site scripting vulnerability which was fixed about 6 weeks ago”. Please be sure to download the current plugin update (6.51) to combat this issue.
WordPress Download Manager Plugin
“A few weeks ago, a reflected cross site scripting vulnerability was discovered in the WordPress Download Manager plugin versions 2.9.51 and older.” To be sure you have the latest plugin, 2.9.53.
To be sure you have the latest information on your Joomla site, please visit WordFence for more details.