Access Control Issues in The Grid Plugin by Theme-one
CVE-2026-24368

Currently unrated

Key Information:

Vendor: WordPress
Status: The Grid
Vendor: CVE Published:; 22 January 2026

What is CVE-2026-24368?

A vulnerability has been identified in The Grid plugin by Theme-one, resulting from improperly configured access control mechanisms. This issue allows unauthorized users to exploit the system, potentially leading to unauthorized actions on the affected WordPress installations. Users are urged to update to the latest version to mitigate the risks associated with this vulnerability.

Affected Version(s)

The Grid <= n/a

References

https://patchstack.com/database/Wordpress/Plugin/the-grid...

vdb-entry

Timeline

Vulnerability published
Jan 22, 2026
Vulnerability Reserved
Jan 22, 2026

Credit

Phat RiO | Patchstack Bug Bounty Program

JSON