Themes Vulnerabilities

Betheme < 26.6 - Contributor+ PHP Object Injection

Description

The plugin unserializes user input provided via the import, mfn-items-import-page, and mfn-items-import parameters passed through the mfn_builder_import, mfn_builder_import_page, importdata, importsinglepage, and importfromclipboard functions. This could allow users with a role as low as contributor to perform PHP Object Injection when a suitable gadget is present

Proof of Concept

Affects Themes

betheme
Fixed in 26.6

References

CVE
CVE-2022-3861
URL
https://github.com/MrTuxracer/advisories/blob/master/CVEs/CVE-2022-3861.txt

Classification

Type
OBJECT INJECTION
OWASP top 10
A8: Insecure Deserialization
CWE
CWE-502
CVSS
5.0 (medium)

Miscellaneous

Original Researcher
Julien Ahrens
Verified
No
WPVDB ID
7e81bf65-e3e3-452d-bcac-5954b1bfd4da

Timeline

Publicly Published
2022-11-21 (about 3 years ago)
Added
2022-11-21 (about 3 years ago)
Last Updated
2022-11-21 (about 3 years ago)

Other

Published
Title
Published
2024-11-18
Title
Quick Learn <= 1.0.1 - Unauthenticated PHP Object Injection
Published
2024-03-28
Title
Button < 1.1.28 - Contributor+ PHP Object Injection in button_shortcode
Published
2022-12-27
Title
Google Analyticator < 6.5.6 - Admin+ PHP Object Injection
Published
2024-01-30
Title
ProductX – WooCommerce Builder & Gutenberg WooCommerce Blocks < 3.1.5 - PHP Object Injection via wopb_wishlist and wopb_compare
Published
2023-12-27
Title
Active Products Tables for WooCommerce < 1.0.6.1 - Unauthenticated PHP Object Injection