CVE-2025-32926 – This path traversal vulnerability in the Grand ... (How to Fix)

📋 TL;DR

This path traversal vulnerability in the Grand Restaurant WordPress theme allows attackers to access files outside the intended directory. If exploited, it can lead to PHP object injection and potentially remote code execution. All WordPress sites using Grand Restaurant theme versions up to 7.0 are affected.

💻 Affected Systems

Products:

Grand Restaurant WordPress Theme

Versions: n/a through 7.0

Operating Systems: All

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects WordPress installations with the Grand Restaurant theme active.

📦 What is this software?

Grand Restaurant by Themegoods

View all CVEs affecting Grand Restaurant →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to complete system compromise, data theft, and website defacement.

🟠

Likely Case

File system access allowing sensitive file disclosure (config files, credentials) and PHP object injection.

🟢

If Mitigated

Limited impact if proper web application firewalls and file permission controls are in place.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Path traversal can be exploited via HTTP requests without authentication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 7.1 or later

Vendor Advisory: https://patchstack.com/database/wordpress/theme/grandrestaurant/vulnerability/wordpress-grand-restaurant-wordpress-theme-7-0-path-traversal-to-php-object-injection-vulnerability?_s_id=cve

Restart Required: No

Instructions:

1. Log into WordPress admin panel
2. Navigate to Appearance > Themes
3. Update Grand Restaurant theme to version 7.1 or later
4. Clear any caching plugins/CDN caches

🔧 Temporary Workarounds

Web Application Firewall Rule

all

Block path traversal patterns in HTTP requests

WAF specific - configure to block requests containing '../', '..\', or absolute paths

Theme Deactivation

linux

Temporarily disable the vulnerable theme

wp theme deactivate grandrestaurant

🧯 If You Can't Patch

Disable the Grand Restaurant theme and switch to a secure alternative
Implement strict file permission controls on the web server

🔍 How to Verify

Check if Vulnerable:

Check WordPress theme version in Appearance > Themes or use: wp theme list --field=name,version

Check Version:

wp theme list --field=name,status,version | grep grandrestaurant

Verify Fix Applied:

Confirm Grand Restaurant theme version is 7.1 or higher

📡 Detection & Monitoring

Log Indicators:

HTTP requests containing '../' patterns
Access to unusual file paths in web logs
PHP error logs showing unserialize() warnings

Network Indicators:

HTTP requests with directory traversal sequences
Unusual file access patterns to theme directories

SIEM Query:

web_access_logs WHERE url CONTAINS '../' OR url CONTAINS '..\'

📊 Metadata

CVE ID: CVE-2025-32926

CVSS v3 Score: 9.8 (CRITICAL)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-22

EPSS Score: 0.18% exploit probability (39.5th percentile)

Published: May 19, 2025

Last Updated: June 9, 2025

🔗 References

https://patchstack.com/database/wordpress/theme/grandrestaurant/vulnerability/wordpress-grand-restaurant-wordpress-theme-7-0-path-traversal-to-php-object-injection-vulnerability?_s_id=cve Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-32926, you might also want to check these: