Lucene search
K

6 matches found

Cvelist
Cvelist
added 2025/12/29 11:18 p.m.26 views

CVE-2023-32238 WordPress TheGem theme < 5.8.1.1 - Broken Access Control vulnerability

Vulnerability in CodexThemes TheGem Elementor, CodexThemes TheGem WPBakery.This issue affects TheGem Elementor: from n/a before 5.8.1.1; TheGem WPBakery: from n/a before 5.8.1.1...

5.4CVSS0.00167EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/06 3:55 p.m.3 views

CVE-2025-62011 WordPress TheGem theme <= 5.10.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem thegem.This issue affects TheGem: from n/a through = 5.10.5...

6.5CVSS6AI score0.00193EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/11/06 3:55 p.m.8 views

CVE-2025-62011 WordPress TheGem theme <= 5.10.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem thegem.This issue affects TheGem: from n/a through = 5.10.5...

6.5CVSS0.00193EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/09/26 8:31 a.m.9 views

CVE-2025-60096 WordPress TheGem (Elementor) Theme <= 5.10.5 - Broken Access Control Vulnerability

Missing Authorization vulnerability in CodexThemes TheGem Elementor thegem-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TheGem Elementor: from n/a through = 5.10.5...

5.4CVSS0.00248EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/09/26 12:0 a.m.4 views

WordPress TheGem (Elementor) Theme <= 5.10.5 is vulnerable to Broken Access Control

Software TheGem Elementor Type Theme Vulnerable versions = 5.10.5 Fixed in 5.10.5.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2025-60096 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 2ce2db30c88d Credits Rafie Muhammad Patchstack...

5.4CVSS5.8AI score0.00248EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/05/13 12:0 a.m.4 views

PT-2025-20835 · WordPress · Thegem

Name of the Vulnerable Software and Affected Versions: TheGem theme for WordPress versions up to, and including, 5.10.3 Description: The issue arises from missing file type validation in the thegem get logo url function, allowing authenticated attackers with Subscriber-level access or higher to...

8.8CVSS9.1AI score0.01055EPSS
Exploits1References10
Rows per page
Query Builder