With more than 800.000 downloads, worlds most famous WordPress Backup Plugin BackWPup got a bug-fix-release. Beside a buggy redirect we closed a security gap.
The center of this release is the fix of a redirect-bug, and the remove of a security gap. It was about Cross-Site-Scripting (XSS) (“…which enables attackers to inject client-side script into web pages viewed by other users”). Our thanks go out to High-Tech Bridge for reporting this. The risk can be considered as low. But we ask everyone to update the plugin!