Description
WordPress Plugin Chat Room is prone to a directory traversal vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue can allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin Chat Room version 0.1.2 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 0.1.3 or latest
References
Related Vulnerabilities
WordPress Plugin AJAX Random Post Cross-Site Scripting (2.00)
WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.30)
WordPress Plugin BetterOptin Cross-Site Scripting (1.2.4)
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1000192)
WordPress Plugin Community Events 'id' Parameter SQL Injection (1.2.2)