CVE-2022-3861

21.11.2022, 13:15

The Betheme theme for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 26.5.1.4 via deserialization of untrusted input supplied via the import, mfn-items-import-page, and mfn-items-import parameters passed through the mfn_builder_import, mfn_builder_import_page, importdata, importsinglepage, and importfromclipboard functions.  This makes it possible for authenticated attackers, with contributor level permissions and above to inject a PHP Object. The additional presence of a POP chain would make it possible for attackers to execute code, retrieve sensitive data, delete files, etc..

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	8.8 HIGH	NETWORK	LOW	LOW	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Wordfence	CNA	8.8 HIGH				CVSS:3.1/A:H/I:H/C:H/S:U/UI:N/PR:L/AC:L/AV:N
CVE	ADP	---				---
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 80%

Vendor	Product	Version
muffingroup	betheme	𝑥 < 26.6

𝑥

= Vulnerable software versions

Known Exploits!

Common Weakness Enumeration

CWE-502 - Deserialization of Untrusted Data
The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

References

https://github.com/MrTuxracer/advisories/blob/master/CVEs/CVE-2022-3861.txt

https://muffingroup.com/betheme/

https://www.wordfence.com/vulnerability-advisories-continued/#CVE-2022-3861

https://github.com/MrTuxracer/advisories/blob/master/CVEs/CVE-2022-3861.txt

https://muffingroup.com/betheme/

https://www.wordfence.com/vulnerability-advisories-continued/#CVE-2022-3861