Grand Wedding Software Allows Unwanted Data to be Injected

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

8.1

Grand Wedding Software Allows Unwanted Data to be Injected

CVE-2026-22417

Summary

Grand Wedding software versions 3.1.0 and earlier allow attackers to inject malicious data into the system, which could enable unauthorized access or actions. This vulnerability affects the Grand Wedding software, and users should update to the latest version to prevent potential security risks. Immediate action is recommended to patch the issue.

Original title

Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Wedding grandwedding allows Object Injection.This issue affects Grand Wedding: from n/a through <= 3.1.0.

Original description

Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Wedding grandwedding allows Object Injection.This issue affects Grand Wedding: from n/a through <= 3.1.0.

Vulnerability type

CWE-502 Deserialization of Untrusted Data

https://patchstack.com/database/Wordpress/Theme/grandwedding/vulnerability/wordp...

Published: 5 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026