PT-2026-31198 · Themegoods · Grand Car Rental

Published

2026-04-08

Updated

2026-04-12

CVE-2026-39633

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions ThemeGoods Grand Car Rental versions through 3.6.9

Description A Cross-Site Request Forgery (CSRF) vulnerability exists in ThemeGoods Grand Car Rental. This allows attackers to perform actions on behalf of authenticated users without their knowledge. The vulnerability allows Cross Site Request Forgery.

Recommendations Update to a version greater than 3.6.9.

Fix

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-352

Related Identifiers

CVE-2026-39633

Affected Products

Grand Car Rental

PT-2026-31198 · Themegoods · Grand Car Rental

CVE-2026-39633

Weakness Enumeration

Related Identifiers

Affected Products

References · 3