Vulnerabilities > Muffingroup > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-30 | CVE-2024-2694 | Deserialization of Untrusted Data vulnerability in Muffingroup Betheme 26.5.1.4/26.6/26.6.1 The Betheme theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 27.5.6 via deserialization of untrusted input of the 'mfn-page-items' post meta value. | 8.8 |
| 2024-06-19 | CVE-2023-39998 | Unspecified vulnerability in Muffingroup Betheme Missing Authorization vulnerability in Muffingroup Betheme.This issue affects Betheme: from n/a through 27.1.1. | 7.2 |
| 2024-03-25 | CVE-2022-45356 | Unspecified vulnerability in Muffingroup Betheme Missing Authorization vulnerability in Muffingroup Betheme.This issue affects Betheme: from n/a through 26.6.1. | 8.8 |
| 2023-01-14 | CVE-2022-45353 | Unspecified vulnerability in Muffingroup Betheme 26.5.1.4/26.6/26.6.1 Broken Access Control in Betheme theme <= 26.6.1 on WordPress. | 8.1 |
| 2022-11-21 | CVE-2022-3861 | Deserialization of Untrusted Data vulnerability in Muffingroup Betheme 26.5.1.4 The Betheme theme for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 26.5.1.4 via deserialization of untrusted input supplied via the import, mfn-items-import-page, and mfn-items-import parameters passed through the mfn_builder_import, mfn_builder_import_page, importdata, importsinglepage, and importfromclipboard functions. | 8.8 |
| 2022-11-17 | CVE-2022-45077 | Deserialization of Untrusted Data vulnerability in Muffingroup Betheme Auth. | 8.8 |