An SQL injection was discovered recently in the Duplicate Page plugin. If you have it installed, make sure you are using the latest version, which at the time of this writing is 3.4.
The Yuzo Related Posts plugin (60,000+ active installations) has a vulnerability that is actively being exploited in the wild. It has no current fix or patch, so you might need to remove and delete it. ⚠️