WordPress Plugin Backup is prone to an information disclosure vulnerability because it fails to sufficiently validate user-supplied data. An attacker can exploit this issue to download database backup files from the affected application. This may allow the attacker to obtain sensitive information; other attacks are also possible. WordPress Plugin Backup version 2.0.1 is vulnerable; prior versions may also be affected.
Update to plugin version 2.1 or latest