Remove Scountet Kalendar as it appears the plugin has been abandoned.
The vulnerability has been patched, and you should update it to version 1.6.90.
2. Materialis
Materialis versions 1.0.172 and below have an Authenticated Options Update vulnerability.
What You Should Do
The vulnerability has been patched, and you should update it to version 1.0.173.
4. Superlist
Superlist versions 2.9.2 and below are vulnerable to a Stored Cross-Site Scripting attack.
What You Should Do
The vulnerability hasn’t been patched, and you should remove the theme. Keep an eye on the changelog for a security update.
How to Be Proactive About WordPress Theme & Plugin Vulnerabilities
Running outdated software is the number one reason WordPress sites are hacked. It is crucial to the security of your WordPress site that you have an update routine. You should be logging into your sites at least once a week to perform updates.
Automatic Updates Can Help
Automatic updates are a great choice for WordPress websites that don’t change very often. Lack of attention often leaves these sites neglected and vulnerable to attacks. Even with recommended security settings, running vulnerable software on your site can give an attacker an entry point into your site.
Using the iThemes Security Pro plugin’s Version Management feature, you can enable automatic WordPress updates to ensure you are getting the latest security patches. These settings help protect your site with options to automatically update to new versions or to increase user security when the site’s software is outdated.
[…]
This article was written by Michael Moore and originally published on WordPress News and Updates from iThemes – iThemes.