Vulnerabilities > Muffingroup
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-13 | CVE-2024-5567 | Cross-site Scripting vulnerability in Muffingroup Betheme 26.5.1.4/26.6/26.6.1 The Betheme theme for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 27.5.5 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-08-30 | CVE-2024-2694 | Deserialization of Untrusted Data vulnerability in Muffingroup Betheme 26.5.1.4/26.6/26.6.1 The Betheme theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 27.5.6 via deserialization of untrusted input of the 'mfn-page-items' post meta value. | 8.8 |
| 2024-08-30 | CVE-2024-3998 | Cross-site Scripting vulnerability in Muffingroup Betheme 26.5.1.4/26.6/26.6.1 The Betheme theme for WordPress is vulnerable to Stored Cross-Site Scripting via several of the plugin's shortcodes in all versions up to, and including, 27.5.6 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-06-19 | CVE-2023-39998 | Unspecified vulnerability in Muffingroup Betheme Missing Authorization vulnerability in Muffingroup Betheme.This issue affects Betheme: from n/a through 27.1.1. | 7.2 |
| 2024-03-25 | CVE-2022-45349 | Unspecified vulnerability in Muffingroup Betheme Missing Authorization vulnerability in Muffingroup Betheme.This issue affects Betheme: from n/a through 26.6.1. | 4.3 |
| 2024-03-25 | CVE-2022-45351 | Unspecified vulnerability in Muffingroup Betheme Missing Authorization vulnerability in Muffingroup Betheme.This issue affects Betheme: from n/a through 26.6.1. | 5.4 |
| 2024-03-25 | CVE-2022-45352 | Unspecified vulnerability in Muffingroup Betheme Missing Authorization vulnerability in Muffingroup Betheme.This issue affects Betheme: from n/a through 26.6.1. | 4.3 |
| 2024-03-25 | CVE-2022-45356 | Unspecified vulnerability in Muffingroup Betheme Missing Authorization vulnerability in Muffingroup Betheme.This issue affects Betheme: from n/a through 26.6.1. | 8.8 |
| 2023-05-10 | CVE-2023-29101 | Unspecified vulnerability in Muffingroup Betheme 26.5.1.4/26.6/26.6.1 Unauth. | 6.1 |
| 2023-01-14 | CVE-2022-45353 | Unspecified vulnerability in Muffingroup Betheme 26.5.1.4/26.6/26.6.1 Broken Access Control in Betheme theme <= 26.6.1 on WordPress. | 8.1 |