CVE-2022-45363 MEDIUM

CVE-2022-45363: WordPress Betheme premium theme <= 26.6.1 - Auth. Stored Cross-Site Scripting (XSS) vulnerability

Vendor Muffingroup
Product Betheme
Weakness CWE-79 · XSS
Published November 22, 2022
Last update April 28, 2026
View on NVD All CVEs

CVSS base score

5.4/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

What the vulnerability does

01Description

Auth. (subscriber+) Stored Cross-Site Scripting (XSS) in Muffingroup Betheme theme <= 26.6.1 on WordPress.

Key dates

02Disclosure timeline

November 22, 2022 CVE published
April 28, 2026 Record updated

Related vulnerabilities

04Related CVE

CVE-2025-31058 WordPress Revolution Video Player plugin <= 2.9.2 - Reflected Cross Site Scripting (XSS) vulnerability CVE-2024-56025 WordPress AdWork Media EZ Content Locker plugin <= 3.0 - Reflected Cross Site Scripting (XSS) vulnerability CVE-2022-44735 WordPress WP Clictracker Plugin <= 1.0.5 is vulnerable to Cross Site Scripting (XSS) CVE-2024-54224 WordPress ElementsReady Addons for Elementor plugin <= 6.4.7 - Cross Site Scripting (XSS) vulnerability CVE-2024-11684 Kudos Donations – Easy donations and payments with Mollie <= 3.2.9 - Reflected Cross-Site Scripting