13 matches found
CVE-2026-57804
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor allows PHP Local File Inclusion.This issue affects TheGem Theme Elements for Elementor: from n/a through...
CVE-2026-57804
CVE-2026-57804 describes an PHP Local File Inclusion in CodexThemes TheGem Theme Elements (for Elementor), specifically TheGem Theme Elements for Elementor up to version 5.11.1. The issue arises from improper control of the filename used in include/require statements, enabling an attacker with au...
CVE-2026-42410 WordPress TheGem theme Elements (for Elementor) plugin < 5.12.1.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Theme Elements for Elementor allows DOM-Based XSS.This issue affects TheGem Theme Elements for Elementor: from n/a before 5.12.1.1...
PT-2026-35398
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Theme Elements for Elementor allows DOM-Based XSS.This issue affects TheGem Theme Elements for Elementor: from n/a before 5.12.1.1...
CVE-2025-69357
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor allows Stored XSS.This issue affects TheGem Theme Elements for Elementor: from n/a through = 5.11.0...
CVE-2025-69356
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor allows PHP Local File Inclusion.This issue affects TheGem Theme Elements for Elementor: from n/a through...
CVE-2025-69356
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor allows PHP Local File Inclusion.This issue affects TheGem Theme Elements for Elementor: from n/a through...
CVE-2025-68559
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor.This issue affects TheGem Theme Elements for Elementor: from n/a through = 5.10.5.1...
CVE-2025-68559
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor.This issue affects TheGem Theme Elements for Elementor: from n/a through = 5.10.5.1...
CVE-2025-68560
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor.This issue affects TheGem Theme Elements for Elementor: from n/a through = 5.10.5.1...
EUVD-2025-204792
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CodexThemes TheGem Theme Elements for Elementor.This issue affects TheGem Theme Elements for Elementor: from n/a through 5.10.5.1...
CVE-2025-62045
CVE-2025-62045 is a Local File Inclusion vulnerability in the WordPress plugin TheGem Theme Elements (for WPBakery) — TheGem Elements (thegem-elements). Affected versions are up to 5.10.5.1. Root cause: improper control of the filename used in include/require statements in PHP, enabling LFI. Impa...
CVE-2025-62044
CVE-2025-62044 corresponds to a cross-site scripting (XSS) vulnerability in TheGem Theme Elements (for WPBakery) by CodexThemes. Multiple connected sources (NVD/Red Hat/EUVD/Wordfence/PATCHSTACK) confirm the issue affects TheGem Theme Elements (for WPBakery): input neutralization during web page ...