The Zapier for WordPress plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.5.1 via the updated_user() function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests to arbitrary locations originating from the web application which can be used to query and modify information from internal services.
https://wordpress.org/plugins/zapier/#developers
https://plugins.trac.wordpress.org/changeset/3257975/
https://plugins.trac.wordpress.org/browser/zapier/trunk/zapier.php#L284
https://plugins.trac.wordpress.org/browser/zapier/trunk/zapier.php#L210
https://plugins.trac.wordpress.org/browser/zapier/trunk/zapier.php#L114