CVE-2014-9262
The WordPress Duplicator plugin is affected: versions before 0.5.10 allow remote authenticated users to create and download backup files. This represents a privilege/permission issue that can expose site data. Impact is limited to authenticated users and backups; no mention of remote unauthentica...