Grand Blog
Monthly
Cross-Site Request Forgery (CSRF) in ThemeGoods Grand Blog theme through version 3.1 allows unauthenticated remote attackers to perform unauthorized actions on behalf of authenticated users via specially crafted requests. The vulnerability requires user interaction (clicking a malicious link or visiting a compromised page) but carries a high integrity impact, enabling attackers to modify site content, settings, or user accounts without the victim's knowledge.
Cross-Site Request Forgery (CSRF) in ThemeGoods Grand Blog theme through version 3.1 allows unauthenticated remote attackers to perform unauthorized actions on behalf of authenticated users via specially crafted requests. The vulnerability requires user interaction (clicking a malicious link or visiting a compromised page) but carries a high integrity impact, enabling attackers to modify site content, settings, or user accounts without the victim's knowledge.