BackWPup Vulnerabilities?

A remote execution vulnerability has been discovered in WordPress backup utility BackWPup. According to Sydney (Australia) company Sense of Security, which published the advisory along with a proof-of-concept, the vulnerability allows local or remote PHP files to be passed to a component of the utility. “The input passed to the component wp_xml_export.php via the ‘wpabs’…