via greengeeks.com => original post link
In 2022, a critical security vulnerability exploit, CVE-2022-31474, was discovered in the popular BackupBuddy WordPress plugin. This premium plugin, designed for creating and managing website backups, had a flaw in its directory traversal functionality.
This flaw allowed attackers to access backup files containing sensitive data like database credentials and user information.
Additionally, BackupBuddy has since changed ownership to a new parent company and changed its name to Solid Backups, making previous versions of BackupBuddy deprecated.