WordPress security for hosting providers

{
   "vulnerabilities":[
      {
         "id":7976,
         "product_id":2175,
         "title":"WordPress File Upload plugin <= 4.16.2 - Contributor+ Path Traversal vulnerability leading to Remote Code Execution (RCE)",
         "description":"Contributor+ Path Traversal vulnerability leading to Remote Code Execution (RCE) discovered by apple502j in WordPress File Upload plugin (versions <= 4.16.2).",
         "disclosure_date":"2022-03-01 00:00:00",
         "disclosed_at":"2022-03-01T00:00:00+00:00",
         "created_at":"2022-03-07T11:17:05+00:00",
         "url":"wordpress-file-upload-plugin-4-16-2-contributor-path-traversal-vulnerability-leading-to-remote-code-execution-rce",
         "product_slug":"wp-file-upload",
         "product_name":"WordPress File Upload",
         "product_name_premium":null,
         "product_type":"Plugin",
         "vuln_type":"Directory Traversal",
         "cvss_score":8.8,
         "cve":[
            "2021-24962"
         ],
         "affected_in":"<= 4.16.2",
         "fixed_in":"4.16.3",
         "patched_in_ranges":[
            
         ],
         "direct_url":"https://patchstack.com/database/vulnerability/wp-file-upload/wordpress-file-upload-plugin-4-16-2-contributor-path-traversal-vulnerability-leading-to-remote-code-execution-rce"
      },
      {
         "id":7957,
         "product_id":3808,
         "title":"WordPress All in One Invite Codes plugin <= 1.0.12 - Sensitive Information Disclosure vulnerability",
         "description":"Sensitive Information Disclosure vulnerability discovered in WordPress All in One Invite Codes plugin (versions <= 1.0.12).",
         "disclosure_date":"2022-02-28 00:00:00",
         "disclosed_at":"2022-02-28T00:00:00+00:00",
         "created_at":"2022-03-03T13:25:05+00:00",
         "url":"wordpress-all-in-one-invite-codes-plugin-1012-sensitive-information-disclosure-vulnerability",
         "product_slug":"all-in-one-invite-codes",
         "product_name":"All in One Invite Codes",
         "product_name_premium":null,
         "product_type":"Plugin",
         "vuln_type":"Information Disclosure",
         "is_exploited":true,
         "cvss_score":4.3,
         "cve":[
            
         ],
         "affected_in":"<= 1.0.12",
         "fixed_in":"",
         "patched_in_ranges":[
            
         ],
         "direct_url":"https://patchstack.com/database/vulnerability/all-in-one-invite-codes/wordpress-all-in-one-invite-codes-plugin-1012-sensitive-information-disclosure-vulnerability"
      }
   ]
}