Blogger Importer Plugin blogger-importer.php restart cross-site request forgery
CVE-2013-10027

4.3MEDIUM

Key Information:

Vendor

Wordpress
Status
Blogger Importer Plugin
Vendor
CVE Published:
4 June 2023

What is CVE-2013-10027?

A vulnerability was found in Blogger Importer Plugin up to 0.5 on WordPress. It has been classified as problematic. Affected is the function start/restart of the file blogger-importer.php. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. Upgrading to version 0.6 is able to address this issue. The patch is identified as b83fa4f862b0f19a54cfee76060ec9c2e7f7ca70. It is recommended to upgrade the affected component. VDB-230658 is the identifier assigned to this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Blogger Importer Plugin 0.1

Blogger Importer Plugin 0.2

Blogger Importer Plugin 0.3

References

https://vuldb.com/?id.230658
vdb-entrytechnical-description
https://vuldb.com/?ctiid.230658
signaturepermissions-required
https://github.com/wp-plugins/blogger-importer/commit/b83...
patch

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

VulDB GitHub Commit Analyzer
JSON
.