CVE-2022-3861

creationtimestamp| type| source ---|---|--- 2022-11-21 16:37:06+00:00| seen| https://t.me/cibsecurity/53238...

CVE-2022-3861

CVE-2022-3861 affects BeTheme for WordPress. The BeTheme plugin/theme is vulnerable to PHP Object Injection via deserialization of untrusted input in the import paths (import, mfn-items-import-page, mfn-items-import) used by functions mfn_builder_import, mfn_builder_import_page, importdata, impor...

CVE-2022-3861 Betheme <= 26.5.1.4 - Authenticated (Subscriber+) PHP Object Injection

The Betheme theme for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 26.5.1.4 via deserialization of untrusted input supplied via the import, mfn-items-import-page, and mfn-items-import parameters passed through the mfnbuilderimport, mfnbuilderimportpage,...

WordPress BeTheme 26.5.1.4 PHP Object Injection Vulnerability

ADVISORY INFORMATION ======================= Product: Betheme Vendor URL: https://muffingroup.com/betheme/ Type: Deserialization of Untrusted Data CWE-502 Date found: 2022-11-02 Date published: 2022-11-18 CVSSv3 Score: 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE: CVE-2022-3861 2...

WordPress BeTheme 26.5.1.4 PHP Object Injection

RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Betheme Vendor URL: https://muffingroup.com/betheme/ Type: Deserialization of Untrusted Data CWE-502 Date found: 2022-11-02 Date published: 2022-11-18 CVSSv3 Score: 8.8...