Description
WordPress Plugin Chat Room is prone to a directory traversal vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue can allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin Chat Room version 0.1.2 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 0.1.3 or latest
References
Related Vulnerabilities
WordPress Plugin PhastPress Open Redirect (1.110)
WordPress Plugin RSVPMaker SQL Injection (7.8.1)
WordPress Plugin Amelia-Events & Appointments Booking Calendar Multiple Vulnerabilities (1.0.45)
WordPress Plugin Captchinoo, Google recaptcha for admin login page Security Bypass (2.3)
WordPress Plugin Events by Devllo Cross-Site Scripting (1.0.4.2)