CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

60 matches found

NVD•added 2026/04/27 12:16 p.m.•3 views

CVE-2026-42410

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Theme Elements for Elementor allows DOM-Based XSS.This issue affects TheGem Theme Elements for Elementor: from n/a before 5.12.1.1...

6.5CVSS0.00039EPSS

Exploits0References1

Cvelist•added 2026/04/27 10:41 a.m.•22 views

CVE-2026-42410 WordPress TheGem theme Elements (for Elementor) plugin < 5.12.1.1 - Cross Site Scripting (XSS) vulnerability

6.5CVSS0.00039EPSS

Exploits0References1

EUVD•added 2026/04/27 10:41 a.m.•0 views

EUVD-2026-25822

6.5CVSS5.2AI score0.00039EPSS

Exploits0References1

ATTACKERKB•added 2026/04/27 10:41 a.m.•3 views

CVE-2026-42410

6.5CVSS5.2AI score0.00039EPSS

Exploits0References2

CVE•added 2026/04/27 10:41 a.m.•3 views

CVE-2026-42410

The CVE-2026-42410 entry describes a DOM-based XSS in the WordPress TheGem Theme Elements (for Elementor) plugin, affecting versions before 5.12.1.1. Root cause: improper neutralization of input during web page generation. Impact is limited to client-side data integrity and potential user-facing ...

6.5CVSS5.2AI score0.00039EPSS

Exploits0References1

Patchstack•added 2026/04/27 10:39 a.m.•3 views

WordPress TheGem theme Elements (for Elementor) plugin < 5.12.1.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin TheGem Theme Elements for Elementor versions 5.12.1.1...

6.5CVSS5AI score0.00039EPSS

Exploits0Affected Software1

CNNVD•added 2026/04/27 12:0 a.m.•6 views

WordPress Plugin TheGem Theme Elements for Elementor 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the...

6.5CVSS5.7AI score0.00039EPSS

Exploits0References1

RedhatCVE•added 2026/01/23 9:16 p.m.•2 views

CVE-2025-63026

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Grand Restaurant Theme Elements for Elementor grandrestaurant-elementor allows Stored XSS.This issue affects Grand Restaurant Theme Elements for Elementor: from n/a through = 2.1.1...

6.5CVSS5.4AI score0.00019EPSS

Exploits0References1

ATTACKERKB•added 2026/01/22 4:51 p.m.•0 views

CVE-2025-63026

5.4CVSS5.3AI score0.00019EPSS

Exploits0References2

Positive Technologies•added 2026/01/22 12:0 a.m.•1 views

PT-2026-4001

Name of the Vulnerable Software and Affected Versions ThemeGoods Grand Restaurant Theme Elements for Elementor versions through 2.1.1 Description The software contains a flaw related to improper input handling during web page generation, which can lead to Cross-site Scripting XSS. This allows for...

5.3AI score0.00019EPSS

Exploits0References3

Patchstack•added 2026/01/10 4:50 p.m.•7 views

WordPress TheGem Theme Elements (for WPBakery) plugin <= 5.11.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin TheGem Theme Elements for WPBakery versions = 5.11.0...

6.5CVSS5.9AI score0.00064EPSS

Exploits0Affected Software1

Patchstack•added 2026/01/10 3:29 a.m.•3 views

WordPress TheGem Theme Elements (for Elementor) plugin <= 5.11.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin TheGem Theme Elements for Elementor versions = 5.11.0...

6.5CVSS5.9AI score0.00064EPSS

Exploits0Affected Software1

Patchstack•added 2026/01/10 12:22 a.m.•5 views

WordPress TheGem Theme Elements (for Elementor) plugin <= 5.11.0 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin TheGem Theme Elements for Elementor versions = 5.11.0...

7.5CVSS6.9AI score0.0022EPSS

Exploits0Affected Software1

RedhatCVE•added 2026/01/08 3:15 a.m.•3 views

CVE-2025-69357

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor allows Stored XSS.This issue affects TheGem Theme Elements for Elementor: from n/a through = 5.11.0...

6.5CVSS6AI score0.00064EPSS

Exploits0References1

RedhatCVE•added 2026/01/08 3:15 a.m.•3 views

CVE-2025-69360

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Theme Elements for WPBakery thegem-elements allows DOM-Based XSS.This issue affects TheGem Theme Elements for WPBakery: from n/a through = 5.11.0...

6.5CVSS6.4AI score0.00064EPSS

Exploits0References1

NVD•added 2026/01/06 5:15 p.m.•2 views

CVE-2025-69357

6.5CVSS0.00064EPSS

Exploits0References1

NVD•added 2026/01/06 5:15 p.m.•1 views

CVE-2025-69360

6.5CVSS0.00064EPSS

Exploits0References1

Cvelist•added 2026/01/06 4:36 p.m.•22 views

CVE-2025-69357 WordPress TheGem Theme Elements (for Elementor) plugin <= 5.11.0 - Cross Site Scripting (XSS) vulnerability

6.5CVSS0.00064EPSS

Exploits0References1

CVE•added 2026/01/06 4:36 p.m.•8 views

CVE-2025-69360

CVE-2025-69360 affects TheGem Theme Elements (for WPBakery) up to version 5.11.0. The connected Wordfence source associates authenticated (Contributor+) XSS (DOM-based/Stored depending on entry) with TheGem Theme Elements and notes patching to a fixed release. If using affected versions, an attac...

6.5CVSS6AI score0.00064EPSS

Exploits0References1

Vulnrichment•added 2026/01/06 4:36 p.m.•3 views

CVE-2025-69357 WordPress TheGem Theme Elements (for Elementor) plugin <= 5.11.0 - Cross Site Scripting (XSS) vulnerability

5.6AI score0.00064EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by