Ellucian Ethos Identity CAS - Cross-Site Scripting

A vulnerability was found in Ellucian Ethos Identity up to 5.10.5. It has been classified as problematic. Affected is an unknown function of the file /cas/logout. The manipulation of the argument url leads to cross site scripting. It is possible to launch the attack remotely. id: CVE-2023-2822...

EUVD-2025-38097

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Elementor thegem-elementor.This issue affects TheGem Elementor: from n/a through = 5.10.5...

CVE-2025-62046 WordPress TheGem Demo Import (for WPBakery) plugin <= 5.10.5 - Arbitrary Content Deletion vulnerability

Missing Authorization vulnerability in CodexThemes TheGem Demo Import for WPBakery thegem-importer.This issue affects TheGem Demo Import for WPBakery: from n/a through = 5.10.5...

CVE-2025-62011 WordPress TheGem theme <= 5.10.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem thegem.This issue affects TheGem: from n/a through = 5.10.5...

PT-2025-45291

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Elementor thegem-elementor.This issue affects TheGem Elementor: from n/a through = 5.10.5...

PT-2025-45290

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem thegem.This issue affects TheGem: from n/a through = 5.10.5...

PT-2025-45311

Missing Authorization vulnerability in CodexThemes TheGem Demo Import for WPBakery thegem-importer.This issue affects TheGem Demo Import for WPBakery: from n/a through = 5.10.5...

CVE-2025-60096

Missing Authorization vulnerability in CodexThemes TheGem Elementor thegem-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TheGem Elementor: from n/a through = 5.10.5...

WordPress TheGem Theme <= 5.10.5 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Rafie Muhammad Patchstack in WordPress Theme TheGem versions = 5.10.5...

WordPress TheGem (Elementor) Theme <= 5.10.5 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Rafie Muhammad Patchstack in WordPress Theme TheGem Elementor versions = 5.10.5...

CVE-2025-60097

Missing Authorization vulnerability in CodexThemes TheGem thegem allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TheGem: from n/a through = 5.10.5...

CVE-2025-60096 WordPress TheGem (Elementor) Theme <= 5.10.5 - Broken Access Control Vulnerability

Missing Authorization vulnerability in CodexThemes TheGem Elementor thegem-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TheGem Elementor: from n/a through = 5.10.5...

CVE-2025-60096 WordPress TheGem (Elementor) Theme <= 5.10.5 - Broken Access Control Vulnerability

Missing Authorization vulnerability in CodexThemes TheGem Elementor thegem-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TheGem Elementor: from n/a through = 5.10.5...

CVE-2025-60096

Technical details about CVE-2025-60096 (TheGem/TheGem Elementor) are not provided in the supplied documents. Public information on affected versions, impact, root cause, and remediation is not available here; monitor for updates from official advisories and vendor disclosures.

WordPress Element Pack Elementor Addons plugin <= 5.10.5 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Lightbox Widget vulnerability

Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting via Lightbox Widget vulnerability discovered by zer0gh0st in WordPress Plugin Element Pack Elementor Addons versions = 5.10.5...

CVE-2023-2822

A vulnerability was found in Ellucian Ethos Identity up to 5.10.5. It has been classified as problematic. Affected is an unknown function of the file /cas/logout. The manipulation of the argument url leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been...

CVE-2023-2822

A vulnerability was found in Ellucian Ethos Identity up to 5.10.5. It has been classified as problematic. Affected is an unknown function of the file /cas/logout. The manipulation of the argument url leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been...

@agentlab/ldkg-ui-basetable (=0.1.1), @agentlab/ldkg-ui-charts (>=0.1.2 <=0.1.7) +327 more potentially affected by CVE-2022-23494 via tinymce (>=4.5.1 <=5.10.5)

tinymce NPM version =4.5.1, =0.1.2, =0.3.7, =0.1.17, =1.0.0, =1.0.0, =1.33.0, =1.0.0-alpha.39-baliz, =4.3.0, =0.5.0, =0.1.0, =0.0.4, =0.1.2, =0.8.4, =0.8.5 and more Source cves: CVE-2022-23494 Source advisory: OSV:GHSA-GG8R-XJWQ-4W92...