Lucene search
K

13 matches found

NVD
NVD
added yesterday5 views

CVE-2026-57804

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor allows PHP Local File Inclusion.This issue affects TheGem Theme Elements for Elementor: from n/a through...

7.5CVSS0.00496EPSS
Exploits0References1
CVE
CVE
added yesterday13 views

CVE-2026-57804

CVE-2026-57804 describes an PHP Local File Inclusion in CodexThemes TheGem Theme Elements (for Elementor), specifically TheGem Theme Elements for Elementor up to version 5.11.1. The issue arises from improper control of the filename used in include/require statements, enabling an attacker with au...

7.5CVSS6.1AI score0.00496EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/27 10:41 a.m.3 views

CVE-2026-42410 WordPress TheGem theme Elements (for Elementor) plugin < 5.12.1.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Theme Elements for Elementor allows DOM-Based XSS.This issue affects TheGem Theme Elements for Elementor: from n/a before 5.12.1.1...

6.5CVSS5.2AI score0.00127EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.11 views

PT-2026-35398

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Theme Elements for Elementor allows DOM-Based XSS.This issue affects TheGem Theme Elements for Elementor: from n/a before 5.12.1.1...

6.5CVSS5.2AI score0.00127EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/08 3:15 a.m.6 views

CVE-2025-69357

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor allows Stored XSS.This issue affects TheGem Theme Elements for Elementor: from n/a through = 5.11.0...

6.5CVSS6AI score0.00133EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/08 3:15 a.m.14 views

CVE-2025-69356

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor allows PHP Local File Inclusion.This issue affects TheGem Theme Elements for Elementor: from n/a through...

7.5CVSS7.1AI score0.00331EPSS
Exploits0References1
NVD
NVD
added 2026/01/06 5:15 p.m.10 views

CVE-2025-69356

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor allows PHP Local File Inclusion.This issue affects TheGem Theme Elements for Elementor: from n/a through...

7.5CVSS0.00331EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/24 11:37 a.m.5 views

CVE-2025-68559

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor.This issue affects TheGem Theme Elements for Elementor: from n/a through = 5.10.5.1...

6.5CVSS5.9AI score0.00133EPSS
Exploits0References1
NVD
NVD
added 2025/12/23 12:15 p.m.4 views

CVE-2025-68559

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor.This issue affects TheGem Theme Elements for Elementor: from n/a through = 5.10.5.1...

6.5CVSS0.00133EPSS
Exploits0References1
NVD
NVD
added 2025/12/23 12:15 p.m.11 views

CVE-2025-68560

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor.This issue affects TheGem Theme Elements for Elementor: from n/a through = 5.10.5.1...

7.5CVSS0.00322EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/23 11:36 a.m.6 views

EUVD-2025-204792

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CodexThemes TheGem Theme Elements for Elementor.This issue affects TheGem Theme Elements for Elementor: from n/a through 5.10.5.1...

7.5CVSS6.6AI score0.00322EPSS
Exploits0References2
CVE
CVE
added 2025/11/06 3:55 p.m.24 views

CVE-2025-62045

CVE-2025-62045 is a Local File Inclusion vulnerability in the WordPress plugin TheGem Theme Elements (for WPBakery) — TheGem Elements (thegem-elements). Affected versions are up to 5.10.5.1. Root cause: improper control of the filename used in include/require statements in PHP, enabling LFI. Impa...

8.1CVSS6.7AI score0.0049EPSS
Exploits0References1
CVE
CVE
added 2025/11/06 3:55 p.m.23 views

CVE-2025-62044

CVE-2025-62044 corresponds to a cross-site scripting (XSS) vulnerability in TheGem Theme Elements (for WPBakery) by CodexThemes. Multiple connected sources (NVD/Red Hat/EUVD/Wordfence/PATCHSTACK) confirm the issue affects TheGem Theme Elements (for WPBakery): input neutralization during web page ...

6.5CVSS6AI score0.00244EPSS
Exploits0References1
Rows per page
Query Builder