Grand Photography

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-39603 MEDIUM This Month

Cross-Site Request Forgery (CSRF) in ThemeGoods Grand Photography WordPress theme versions up to 5.7.8 allows unauthenticated remote attackers to perform unauthorized actions on behalf of authenticated users through crafted requests. The vulnerability requires user interaction (clicking a malicious link) but carries low real-world exploitation risk, with an EPSS score of 0.01% indicating minimal practical likelihood of attack despite the moderate CVSS 5.4 rating.

CSRF Grand Photography

NVD

CVSS 3.1

5.4

EPSS

0.0%

CVE-2026-39603

EPSS 0% CVSS 5.4

MEDIUM This Month

Cross-Site Request Forgery (CSRF) in ThemeGoods Grand Photography WordPress theme versions up to 5.7.8 allows unauthenticated remote attackers to perform unauthorized actions on behalf of authenticated users through crafted requests. The vulnerability requires user interaction (clicking a malicious link) but carries low real-world exploitation risk, with an EPSS score of 0.01% indicating minimal practical likelihood of attack despite the moderate CVSS 5.4 rating.

CSRF Grand Photography

NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy