1) Run backup function http://your_site/wordpress/wp-admin/admin.php?page=backup_guard_backups
2) When the scan is over, the attacker must sort through the directory "/wordpress/wp-content/uploads/jetbackup/*", after which there will be a Directory Listing vulnerability in it, which will allow pumping out all backup and all logs. This vulnerability will be available if a person names the file in a simple way.