Grand Restaurant Data Injection Risk through Untrusted Input

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

9.8

Grand Restaurant Data Injection Risk through Untrusted Input

CVE-2026-23542

Summary

The Grand Restaurant software is vulnerable to a data injection risk. This means that an attacker could potentially inject malicious data into the system, which could lead to unauthorized actions or data corruption. To protect your business, update to version 7.0.11 or later.

Original title

Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Restaurant grandrestaurant allows Object Injection.This issue affects Grand Restaurant: from n/a through <= 7.0.10.

Original description

Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Restaurant grandrestaurant allows Object Injection.This issue affects Grand Restaurant: from n/a through <= 7.0.10.

nvd CVSS3.1 9.8

Vulnerability type

CWE-502 Deserialization of Untrusted Data

https://patchstack.com/database/Wordpress/Theme/grandrestaurant/vulnerability/wo...

Published: 19 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026