JSN Power Admin,2.3.0,XSS (Cross Site Scripting)
Resolution: update to 2.3.2
Update notice: http://www.joomlashine.com/knowledgeportal/articles/jsn-poweradmin-vulnerability-problem-solved.html
Note that previous security release 2.3.1 is still vulnerable, and should be updated...
Breezing Forms Full before build 884
Breezing Forms Lite before build 912
Resolution: update to latest version
Update notice: https://crosstec.org/en/blog/859-breezingforms-medium-security-update.html...
EasySocial versions before 1.4.7: Code injection
Resolution: update to 1.4.7
Update notice: http://stackideas.com/blog/critical-update-for-easysocial-update-to-1-4-7-now...
Resize Image On The Fly and Cache - content plugin by s2software.it
Version 1.1.0 and likely all previous
Open folder permissions
Resolution: update to version 1.3.3
Existing users will need to manually fix the permissions of folder /images/cache to 755 or delete it in order to be recreated by the plugin with the proper permissions