Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

MuffinGroup — Vulnerabilities & Security Advisories 19

Browse all 19 CVE security advisories affecting MuffinGroup. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by MuffinGroup:BethemeBecustomBetheme (WordPress theme)
CVE IDTitleCVSSSeverityPublished
CVE-2025-63075 WordPress Betheme theme <= 28.2 - Cross Site Scripting (XSS) vulnerability — BethemeCWE-79 6.1AIMediumAI2025-12-09
CVE-2025-9371 Betheme <= 28.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'page_title' — BethemeCWE-79 6.4 Medium2025-10-09
CVE-2025-7399 Betheme <= 28.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting — BethemeCWE-79 6.4 Medium2025-08-06
CVE-2025-3077 Betheme <= 28.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting — BethemeCWE-79 6.4 Medium2025-04-16
CVE-2025-0450 Betheme <= 27.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom JS — BethemeCWE-79 6.4 Medium2025-01-21
CVE-2024-5567 Betheme | Responsive Multipurpose WordPress & WooCommerce Theme <= 27.5.5 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File — BethemeCWE-79 6.4 Medium2024-09-13
CVE-2024-2694 Betheme <= 27.5.6 - Authenticated (Contributor+) PHP Object Injection — BethemeCWE-502 8.8 High2024-08-30
CVE-2024-3998 Betheme | Responsive Multipurpose WordPress & WooCommerce Theme <= 27.5.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — BethemeCWE-79 6.4 Medium2024-08-30
CVE-2023-39998 WordPress BeTheme theme <= 27.1.1 - Author+ Broken Access Control vulnerability — BethemeCWE-862 8.2 High2024-06-19
CVE-2022-45356 WordPress Betheme premium theme <= 26.6.1 - Broken Access Control vulnerability — BethemeCWE-862 5.4 Medium2024-03-25
CVE-2022-45352 WordPress Betheme premium theme <= 26.6.1 - Broken Access Control vulnerability — BethemeCWE-862 5.4 Medium2024-03-25
CVE-2022-45351 WordPress Betheme premium theme <= 26.6.1 - Broken Access Control vulnerability — BethemeCWE-862 5.4 Medium2024-03-25
CVE-2022-45349 WordPress Betheme premium theme <= 26.6.1 - Broken Access Control vulnerability — BethemeCWE-862 4.3 Medium2024-03-25
CVE-2023-29101 WordPress Betheme Theme <= 26.7.5 is vulnerable to Cross Site Scripting (XSS) — BethemeCWE-79 7.1 High2023-05-10
CVE-2022-45353 WordPress Betheme theme <= 26.6.1 is vulnerable to Broken Access Control — BethemeCWE-863 4.3 Medium2023-01-14
CVE-2022-3747 Becustom <= 1.0.5.2 - Cross-Site Request Forgery — BecustomCWE-352 8.8 High2022-11-29
CVE-2022-45363 WordPress Betheme premium theme <= 26.6.1 - Auth. Stored Cross-Site Scripting (XSS) vulnerability — BethemeCWE-79 5.4 Medium2022-11-22
CVE-2022-3861 Betheme <= 26.5.1.4 - Authenticated (Subscriber+) PHP Object Injection — BethemeCWE-502 8.8 High2022-11-21
CVE-2022-45077 WordPress Betheme theme <= 26.5.1.4 - Auth. PHP Object Injection vulnerability — Betheme (WordPress theme) 6.3 Medium2022-11-17

This page lists every published CVE security advisory associated with MuffinGroup. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.