WP-Safety

Blogger Importer Extended Security & Risk Analysis

wordpress.org/plugins/blogger-importer-extended

Easily move your blog from Blogger to WordPress. Import all your content and setup 301 redirects automatically.

4K active installs v3.2.7 PHP 7.0+ WP 5.8+ Updated Dec 25, 2025
bloggerblogspotimporter
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Blogger Importer Extended Safe to Use in 2026?

Generally Safe

Score 100/100

Blogger Importer Extended has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago
Risk Assessment

The blogger-importer-extended plugin version 3.2.7 presents a significant security risk primarily due to its unprotected AJAX handlers. With 7 AJAX handlers and all of them lacking authentication checks, any unauthenticated user could potentially trigger these functions, leading to unintended actions or information disclosure. While the plugin shows good practices in other areas like a low percentage of SQL queries not using prepared statements (43% is not ideal but not critically low) and a high rate of output escaping (78% is decent), the lack of authorization on entry points is a major weakness. The taint analysis identified one flow with unsanitized paths, which, although not reaching critical or high severity in this analysis, highlights a potential avenue for path traversal or arbitrary file read vulnerabilities if not properly handled by the application logic calling these AJAX endpoints. The plugin has no recorded vulnerability history, which is a positive indicator of past security diligence, but this should not overshadow the current, clearly identifiable risks in its attack surface.

Key Concerns

  • 7 AJAX handlers without auth checks
  • 1 unsanitized path flow in taint analysis
  • 43% of SQL queries not using prepared statements
Vulnerabilities
None known

Blogger Importer Extended Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Blogger Importer Extended Code Analysis

Dangerous Functions
0
Raw SQL Queries
12
9 prepared
Unescaped Output
19
66 escaped
Nonce Checks
9
Capability Checks
2
File Operations
6
External Requests
3
Bundled Libraries
0

SQL Query Safety

43% prepared21 total queries

Output Escaping

78% escaped85 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

2 flows1 with unsanitized paths
bie_page_render (bootstrap.php:219)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
7 unprotected

Blogger Importer Extended Attack Surface

Entry Points7
Unprotected7

AJAX Handlers 7

authwp_ajax_bie_free_license_ajaxbootstrap.php:646
authwp_ajax_bie_complete_ajaxbootstrap.php:652
authwp_ajax_bie_check_license_ajaxbootstrap.php:672
authwp_ajax_bie_get_blog_ajaxbootstrap.php:718
authwp_ajax_bie_progress_ajaxbootstrap.php:788
authwp_ajax_bie_delete_progress_ajaxbootstrap.php:1025
authwp_ajax_bie_resetsettings.php:324
WordPress Hooks 12
actionadmin_initbootstrap.php:50
actionadmin_menubootstrap.php:56
actionbefore_delete_postbootstrap.php:173
actionadmin_noticesbootstrap.php:183
filterintermediate_image_sizes_advancedbootstrap.php:845
filterbig_image_size_thresholdbootstrap.php:846
actiontemplate_redirectredirects.php:3
actionadmin_footer-plugins.phpredirects.php:114
actionadmin_noticesredirects.php:137
actionadmin_menusettings.php:4
actionadmin_footer-options-permalink.phpsettings.php:10
actionadmin_initsettings.php:260
Maintenance & Trust

Blogger Importer Extended Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedDec 25, 2025
PHP min version7.0
Downloads246K

Community Trust

Rating94/100
Number of ratings129
Active installs4K
Alternatives

Blogger Importer Extended Alternatives

BtW Importer – Free Blogger/Blogspot Migration

BtW Importer – Free Blogger/Blogspot Migration

btw-importer

A
100

Import your Blogger .atom file from Google Takeout and migrate to WordPress, free and automatic.

300 No CVEs
Import Wizard for Blogspot – Free Blogger to WordPress importer

Import Wizard for Blogspot – Free Blogger to WordPress importer

import-wizard-blogspot

A
100

Import posts & pages from Blogspot to WordPress while preserving SEO, images, and formatting.

100 No CVEs
Blogger Importer

Blogger Importer

blogger-importer

A
92

Imports posts, images, comments, and categories (blogger tags) from a Blogger blog then migrates authors to WordPress users.

60K 1 CVE
Blogger To WordPress

Blogger To WordPress

blogger-to-wordpress-redirection

A
100

This plugin automates setting up 1-to-1 mapping between Blogger.com (blogspot) blog posts and your new WordPress blog posts.

3K No CVEs
Export to Blogger

Export to Blogger

export-to-blogger

A
85

Export Wordpress data to Blogger(Blogspot) XML.

1K No CVEs
Developer Profile

Blogger Importer Extended Developer Profile

pipdig

10 plugins · 80K total installs

77
trust score
Avg Security Score
97/100
Avg Patch Time
353 days
View full developer profile
Detection Fingerprints

How We Detect Blogger Importer Extended

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/blogger-importer-extended/css/style.css/wp-content/plugins/blogger-importer-extended/js/script.js
Script Paths
/wp-content/plugins/blogger-importer-extended/js/script.js
Version Parameters
blogger-importer-extended/css/style.css?ver=blogger-importer-extended/js/script.js?ver=

HTML / DOM Fingerprints

CSS Classes
pipdigBloggerImporterpipdigBloggerClosepipdigBloggerImporterContentpipdig_hidebie_info_iconspin
Data Attributes
data-bie-action
JS Globals
bie_progress_ajaxbie_wait_timebie_image_import_limit
FAQ

Frequently Asked Questions about Blogger Importer Extended