CVE-2026-27353

Name of the Vulnerable Software and Affected Versions ThemeGoods Grand News versions through 3.4.3

Description The software contains a flaw related to improper input handling during web page creation, specifically a Reflected Cross-site Scripting issue. This allows for the injection of malicious scripts into web pages. The vulnerability affects the grandnews component.

Recommendations Update ThemeGoods Grand News to a version later than 3.4.3.