Vulnerabilities > Muffingroup > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-13 | CVE-2024-5567 | Cross-site Scripting vulnerability in Muffingroup Betheme 26.5.1.4/26.6/26.6.1 The Betheme theme for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 27.5.5 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-08-30 | CVE-2024-3998 | Cross-site Scripting vulnerability in Muffingroup Betheme 26.5.1.4/26.6/26.6.1 The Betheme theme for WordPress is vulnerable to Stored Cross-Site Scripting via several of the plugin's shortcodes in all versions up to, and including, 27.5.6 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-03-25 | CVE-2022-45349 | Unspecified vulnerability in Muffingroup Betheme Missing Authorization vulnerability in Muffingroup Betheme.This issue affects Betheme: from n/a through 26.6.1. | 4.3 |
| 2024-03-25 | CVE-2022-45351 | Unspecified vulnerability in Muffingroup Betheme Missing Authorization vulnerability in Muffingroup Betheme.This issue affects Betheme: from n/a through 26.6.1. | 5.4 |
| 2024-03-25 | CVE-2022-45352 | Unspecified vulnerability in Muffingroup Betheme Missing Authorization vulnerability in Muffingroup Betheme.This issue affects Betheme: from n/a through 26.6.1. | 4.3 |
| 2023-05-10 | CVE-2023-29101 | Unspecified vulnerability in Muffingroup Betheme 26.5.1.4/26.6/26.6.1 Unauth. | 6.1 |
| 2022-11-29 | CVE-2022-3747 | Cross-Site Request Forgery (CSRF) vulnerability in Muffingroup Becustom 1.0.5.2 The Becustom plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.5.2. | 6.5 |
| 2022-11-22 | CVE-2022-45363 | Unspecified vulnerability in Muffingroup Betheme 26.5.1.4/26.6/26.6.1 Auth. | 5.4 |