Thanks to Alex Concha for pointing out a security vulnerability in the WordPress database backup plugin, which I’ve fixed in the latest version, 2.1.0. If you’re using any previous version of the plugin, including version 1.7 bundled with the 2.0.x line, it’s very important that you upgrade. Please note that for security reasons, the plugin now requires that you be using at least version 2.0.3 of WordPress, which is also a good idea for a number of reasons unrelated to this plugin.
2.1.0 includes the following changes in addition to the security fix:
- Repaired internationalization feature, so that it’s now compatible with other internationalization plugins such as Gengo.
- In previous versions, some people’s downloads stopped mid-way because of their server’s anti-denial-of-service setup. WP-DB-Backup should now automatically avoid that problem.
If you have any problems or support questions concerning the plugin, please open a ticket in my support forum.