Product:

Betheme

(Muffingroup)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 13
Date Id Summary Products Score Patch Annotated
2022-11-17 CVE-2022-45077 Auth. (subscriber+) PHP Object Injection vulnerability in Betheme theme <= 26.5.1.4 on WordPress. Betheme 8.8
2024-03-25 CVE-2022-45349 Missing Authorization vulnerability in Muffingroup Betheme.This issue affects Betheme: from n/a through 26.6.1. Betheme 4.3
2024-03-25 CVE-2022-45351 Missing Authorization vulnerability in Muffingroup Betheme.This issue affects Betheme: from n/a through 26.6.1. Betheme 5.4
2024-03-25 CVE-2022-45352 Missing Authorization vulnerability in Muffingroup Betheme.This issue affects Betheme: from n/a through 26.6.1. Betheme 4.3
2024-03-25 CVE-2022-45356 Missing Authorization vulnerability in Muffingroup Betheme.This issue affects Betheme: from n/a through 26.6.1. Betheme 8.8
2024-06-19 CVE-2023-39998 Missing Authorization vulnerability in Muffingroup Betheme.This issue affects Betheme: from n/a through 27.1.1. Betheme 7.2
2022-11-21 CVE-2022-3861 The Betheme theme for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 26.5.1.4 via deserialization of untrusted input supplied via the import, mfn-items-import-page, and mfn-items-import parameters passed through the mfn_builder_import, mfn_builder_import_page, importdata, importsinglepage, and importfromclipboard functions. This makes it possible for authenticated attackers, with contributor level permissions and above to inject a PHP Object. The... Betheme 8.8
2022-11-22 CVE-2022-45363 Auth. (subscriber+) Stored Cross-Site Scripting (XSS) in Muffingroup Betheme theme <= 26.6.1 on WordPress. Betheme 5.4
2023-01-14 CVE-2022-45353 Broken Access Control in Betheme theme <= 26.6.1 on WordPress. Betheme 8.1
2023-05-10 CVE-2023-29101 Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Muffingroup Betheme theme <= 26.7.5 versions. Betheme 6.1