Grand Magazine

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-39635 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in ThemeGoods Grand Magazine WordPress theme versions up to 3.5.5 allows unauthenticated attackers to perform unauthorized actions on behalf of authenticated users via crafted malicious web pages. The vulnerability requires user interaction (clicking a link or visiting a malicious page) but carries low real-world exploitation probability despite the moderate CVSS score, as reflected by an EPSS score of 0.01% (1st percentile). No public exploit code or active exploitation has been confirmed at time of analysis.

CSRF Grand Magazine

NVD

CVSS 3.1

5.4

EPSS

0.0%

CVE-2026-39635

EPSS 0% CVSS 5.4

MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in ThemeGoods Grand Magazine WordPress theme versions up to 3.5.5 allows unauthenticated attackers to perform unauthorized actions on behalf of authenticated users via crafted malicious web pages. The vulnerability requires user interaction (clicking a link or visiting a malicious page) but carries low real-world exploitation probability despite the moderate CVSS score, as reflected by an EPSS score of 0.01% (1st percentile). No public exploit code or active exploitation has been confirmed at time of analysis.

CSRF Grand Magazine

NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy