EPSS
Percentile
79.5%
This vulnerability is in the importbuddy.php. It allows the attackers to bypass authentication via a crafted integer in the “step” parameter.
Update the plugin.
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2743