Themegoods Grand Restaurant vulnerabilities
7 known vulnerabilities affecting themegoods/grand_restaurant.
Total CVEs
7
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH2MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2026-23542P2CRITICALCVSS 9.8≤ 7.0.102026-02-19
CVE-2026-23542 [CRITICAL] CWE-502 CVE-2026-23542: Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Restaurant grandrestaurant allow
Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Restaurant grandrestaurant allows Object Injection.This issue affects Grand Restaurant: from n/a through <= 7.0.10.
nvd
CVE-2025-32926P2CRITICALCVSS 9.8≤ 7.02025-05-19
CVE-2025-32926 [CRITICAL] CWE-22 CVE-2025-32926: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Them
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ThemeGoods Grand Restaurant grandrestaurant allows Path Traversal.This issue affects Grand Restaurant: from n/a through <= 7.0.
nvd
CVE-2025-39348P3CRITICALCVSS 9.8≤ 7.02025-05-19
CVE-2025-39348 [CRITICAL] CWE-502 CVE-2025-39348: Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Restaurant grandrestaurant allow
Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Restaurant grandrestaurant allows Object Injection.This issue affects Grand Restaurant: from n/a through <= 7.0.
nvd
CVE-2025-39352P3HIGHCVSS 8.2≤ 7.02025-05-19
CVE-2025-39352 [HIGH] CWE-862 CVE-2025-39352: Missing Authorization vulnerability in ThemeGoods Grand Restaurant grandrestaurant allows Exploiting
Missing Authorization vulnerability in ThemeGoods Grand Restaurant grandrestaurant allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Grand Restaurant: from n/a through <= 7.0.
nvd
CVE-2025-39353P4MEDIUMCVSS 5.3≤ 7.02025-05-19
CVE-2025-39353 [MEDIUM] CWE-862 CVE-2025-39353: Missing Authorization vulnerability in ThemeGoods Grand Restaurant grandrestaurant allows Exploiting
Missing Authorization vulnerability in ThemeGoods Grand Restaurant grandrestaurant allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Grand Restaurant: from n/a through <= 7.0.
nvd
CVE-2025-67922P4HIGHCVSS 7.1fixed in 7.0.9≤ 7.0.92026-01-08
CVE-2025-67922 [HIGH] CWE-79 CVE-2025-67922: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Grand Restaurant grandrestaurant allows Reflected XSS.This issue affects Grand Restaurant: from n/a through < 7.0.9.
nvd
CVE-2025-39351P4MEDIUMCVSS 4.3≤ 7.02025-05-19
CVE-2025-39351 [MEDIUM] CWE-352 CVE-2025-39351: Cross-Site Request Forgery (CSRF) vulnerability in ThemeGoods Grand Restaurant grandrestaurant allow
Cross-Site Request Forgery (CSRF) vulnerability in ThemeGoods Grand Restaurant grandrestaurant allows Cross Site Request Forgery.This issue affects Grand Restaurant: from n/a through <= 7.0.
nvd