A zero-day flaw in a WordPress plugin called BackupBuddy is being actively exploited, WordPress security company Wordfence has disclosed.
"This vulnerability makes it possible for unauthenticated users to download arbitrary files from the affected site which can include sensitive information," it said.
BackupBuddy allows users to back up their entire WordPress installation from within the
http://dlvr.it/SY2Ny3
http://dlvr.it/SY2Ny3