Subversion Plus Security Risks
Subversion Plus supports secure protocols (https and svn+ssh) to access to Subversion. 

Before allow any user to access to Subversion,  it checks whether the user has created a valid session on JIRA and whether the user is also granted with the right JIRA privileges (VIEW_VERSION_CONTROL).

No any direct known security risk is introduced by Subversion Plus as all the data is stored under:
  • the JIRA HOME directory and
  • the user's home directory who runs the JIRA process (server). 
Therefore, your JIRA security has to previously be compromised before compromise the Subversion Plus security. If this happens, you should clear as soon as possible the Subversion Plus data stored under the two directories mentioned above as they may contain Subversion user credentials.

Subversion Plus is mainly a cache for Subversion, therefore all its data could be considered as volatile and not requiring any backup. All the data retrieved by Subversion Plus from the repositories are redundant because they can be deleted and retrieved again at any time as well as the repositories configuration.