Wordfence has detected four vulnerabilities in the Ninja Forms plugin. Due to the severity of the exploits, an immediate update of the plugin is recommended.
Because developing blocks requires using a different tools, there have been several initiatives introduced to simplify this. Justin Tadlock just did a review of one of the latest offerings, Genesis Custom Blocks.
On October 23, 2020, The Wordfence Threat Intelligence team disclosed several vulnerabilities in Ultimate Member, a WordPress plugin installed on over 100,000 sites. The issue has been addressed and we recommend updating immediately.
Every month the folks over at iThemes do a nice recap on Wordpress plugins that were added or updated in the past thirty days. For October, they highlighted three that we are researching as possible additions to our toolset here at Outcome Labs.
Today's recommended read is a good overview from NOUPE of recent vulnerabilities discovered in a number of leading Wordpress plugins.