This is their reply
The component you are using is attempting to get the phpinfo information of the server. This is considered as security risk and because of that is disabled in the mod_security rules. If you would like we can disable the mod_security for the following domains:
***
Keep in mind that in our mod_security rules there are large number of exploit prevention techniques which protect from known WordPress vulnerabilities. When the mod_security is disabled those protection will not longer apply for the domains in question.
If you would like to keep the protections active:
-- You may consider creating manual backups for your website.
-- You may contact the developers of the script and request version which will not have in it phpinfo requests.Let us know how to proceed considering the above.
Looking forward to your reply.