Skip to main content

Grand Blog

1 CVEs product

Monthly

CVE-2026-39632 MEDIUM This Month

Cross-Site Request Forgery (CSRF) in ThemeGoods Grand Blog theme through version 3.1 allows unauthenticated remote attackers to perform unauthorized actions on behalf of authenticated users via specially crafted requests. The vulnerability requires user interaction (clicking a malicious link or visiting a compromised page) but carries a high integrity impact, enabling attackers to modify site content, settings, or user accounts without the victim's knowledge.

CSRF Grand Blog
NVD
CVSS 3.1
6.5
EPSS
0.0%
EPSS 0% CVSS 6.5
MEDIUM This Month

Cross-Site Request Forgery (CSRF) in ThemeGoods Grand Blog theme through version 3.1 allows unauthenticated remote attackers to perform unauthorized actions on behalf of authenticated users via specially crafted requests. The vulnerability requires user interaction (clicking a malicious link or visiting a compromised page) but carries a high integrity impact, enabling attackers to modify site content, settings, or user accounts without the victim's knowledge.

CSRF Grand Blog
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy