Description
The Wordpress DB Backup plug-in has a severe security vulnerability that may allow hackers to remotely download any file from the server.
Attackers may also construct malicious requests to download sensitive files from the server, and further embed website webshell files to control the website server host.
Affected versions
Wordpress DB Backup <= 4.5
Fix
Go to the Wordpress management backend and update the Wordpress DB Backup plug-in to the latest version.