CVE-2025-32926 – ThemeGoods Grand Restaurant WordPress Path Traversal Vulnerability

May 19, 2025

CVE ID : CVE-2025-32926

Published : May 19, 2025, 8:15 p.m. | 3 hours, 59 minutes ago

Description : Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in ThemeGoods Grand Restaurant WordPress allows Path Traversal.This issue affects Grand Restaurant WordPress: from n/a through 7.0.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-32927 – Chimpstudio FoodBakery Deserialization of Untrusted Data Object Injection Vulnerability

Next Article CVE-2025-32925 – FantasticPlugins SUMO Reward Points PHP Remote File Inclusion

Highlights

CVE-2025-6701 – Xuxueli xxl-sso Open Redirect Vulnerability

June 26, 2025

CVE ID : CVE-2025-6701

Published : June 26, 2025, 4:15 p.m. | 51 minutes ago

Description : A vulnerability, which was classified as problematic, has been found in Xuxueli xxl-sso 1.1.0. This issue affects some unknown processing of the file /xxl-sso-server/doLogin. The manipulation of the argument redirect_url leads to open redirect. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 3.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

10 Top Node.js Development Companies for Enterprise-Scale Projects (2025-2026 Ranked & Reviewed)

12 Must-Know Cost Factors When Hiring Node.js Developers for Your Enterprise

Mirantis reveals Lens Prism, an AI copilot for operating Kubernetes clusters

Avoid these common platform engineering mistakes

“A fantastic device for creative users” — this $550 discount on ASUS’s 3K OLED creator laptop disappears before Prime Day

Distribution Release: Rhino Linux 2025.3

Just days after joining Game Pass, the Xbox PC edition of Call of Duty: WW2 is taken offline for “an issue”

Xbox layoffs and game cuts wreak havoc on talented developers and the company’s future portfolio — Weekend discussion 💬

Flaget – new small 5kB CLI argument parser

Flaget – new small 5kB CLI argument parser

The dog days of JavaScript summer

Databricks Lakebase – Database Branching in Action

Fixing ‘failed to synchronize all databases’ Pacman Error in Arch Linux

Fixing ‘failed to synchronize all databases’ Pacman Error in Arch Linux

“A fantastic device for creative users” — this $550 discount on ASUS’s 3K OLED creator laptop disappears before Prime Day

Distribution Release: Rhino Linux 2025.3

CVE-2025-32926 – ThemeGoods Grand Restaurant WordPress Path Traversal Vulnerability

CISA Adds 3 Flaws to KEV Catalog, Impacting AMI MegaRAC, D-Link, Fortinet

Citrix Releases Emergency Patches for Actively Exploited CVE-2025-6543 in NetScaler ADC

Microsoft lays off another 305 employees, this time closer to home

CVE-2025-6031 – Amazon Cloud Cam SSL Pinning Bypass

CVSS 10.0 Vulnerability Found in Ubiquity UniFi Protect Cameras

How to Guide Your Clients to the Best WordPress Solutions

CVE-2025-6701 – Xuxueli xxl-sso Open Redirect Vulnerability

The Creative World of Srinidhi Ranganathan and Flying Fishes

Build responsible AI applications with Amazon Bedrock Guardrails

CVE-2025-6844 – Simple Forum SQL Injection Vulnerability

CVE-2025-32926 – ThemeGoods Grand Restaurant WordPress Path Traversal Vulnerability

Related Posts