Description
WordPress Plugin Revamp CRM for WooCommerce is prone to a local file inclusion vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin Revamp CRM for WooCommerce version 1.0.3 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.0.4 or latest
References
Related Vulnerabilities
WordPress Plugin Smart Forms-when you need more than just a contact form Security Bypass (2.6.84)
Liferay DXP Incorrect Default Permissions Vulnerability (CVE-2021-33334)
Ruby Out-of-bounds Write Vulnerability (CVE-2016-2338)
WordPress Plugin ApplyOnline-Application Form Builder and Manager Arbitrary File Disclosure (1.9.92)