The plugin writes error messages to server log files even on production websites. If someone has access to read those log files, they could see internal details about your WordPress site when errors occur.
This vulnerability affects the following application versions:
- Disable Comments – Remove Comments & Stop Spam 2.5.3