CVE-2025-68574 WordPress WPBakery Visual Composer WHMCS Elements plugin <= 1.0.4.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in voidcoders WPBakery Visual Composer WHMCS Elements void-visual-whmcs-element allows DOM-Based XSS.This issue affects WPBakery Visual Composer WHMCS Elements: from n/a through = 1.0.4.3...

CVE-2025-68574

CVE-2025-68574 affects Innovs WPBakery Visual Composer WHMCS Elements (void-visual-whmcs-element) and is linked to versions

CVE-2025-68559

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor.This issue affects TheGem Theme Elements for Elementor: from n/a through = 5.10.5.1...

CVE-2025-68560

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor.This issue affects TheGem Theme Elements for Elementor: from n/a through = 5.10.5.1...

CVE-2025-68731

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix an integer overflow in aie2queryctxstatusarray The unpublished smatch static checker reported a warning. drivers/accel/amdxdna/aie2pci.c:904 aie2queryctxstatusarray warn: potential user controlled sizeof overfl...

SUSE CVE-2025-66400

mdast-util-to-hast is an mdast utility to transform to hast. From 13.0.0 to before 13.2.1, multiple unprefixed classnames could be added in markdown source by using character references. This could make rendered user supplied markdown code elements appear like the rest of the page. This...

PT-2025-53262

Name of the Vulnerable Software and Affected Versions WPBakery Visual Composer WHMCS Elements versions through 1.0.4.3 Description The software contains a flaw related to improper input handling during web page generation, specifically a DOM-Based Cross-site Scripting issue. This allows for the...

PT-2025-52924

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An integer overflow exists in the aie2 query ctx status array function within the amdxdna component of the Linux kernel. The issue was identified by a static checker and involves a...

CVE-2025-68559

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor.This issue affects TheGem Theme Elements for Elementor: from n/a through = 5.10.5.1...

CVE-2025-68560

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor.This issue affects TheGem Theme Elements for Elementor: from n/a through = 5.10.5.1...

CVE-2025-68559 WordPress TheGem Theme Elements (for Elementor) plugin <= 5.10.5.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor.This issue affects TheGem Theme Elements for Elementor: from n/a through = 5.10.5.1...

CVE-2025-68559 WordPress TheGem Theme Elements (for Elementor) plugin <= 5.10.5.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor.This issue affects TheGem Theme Elements for Elementor: from n/a through = 5.10.5.1...

EUVD-2025-204791

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Theme Elements for Elementor.This issue affects TheGem Theme Elements for Elementor: from n/a through 5.10.5.1...

CVE-2025-68559

TheGem Theme Elements (for Elementor) WordPress plugin is vulnerable to Cross‑Site Scripting (XSS) due to improper input neutralization during web page generation. Affected versions are up to 5.10.5.1. Risk is mitigated by upgrading to a version later than 5.10.5.1, per multiple sources describin...

CVE-2025-68560

The CVE describes an LFI (Local File Inclusion) in CodexThemes TheGem Theme Elements (for Elementor) due to improper control of the filename for include/require statements in PHP. Affected software: TheGem Theme Elements for Elementor up to version 5.10.5.1. Root cause is filename handling during...

EUVD-2025-204792

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CodexThemes TheGem Theme Elements for Elementor.This issue affects TheGem Theme Elements for Elementor: from n/a through 5.10.5.1...

CVE-2025-68560 WordPress TheGem Theme Elements (for Elementor) plugin <= 5.10.5.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor.This issue affects TheGem Theme Elements for Elementor: from n/a through = 5.10.5.1...

CVE-2025-68560 WordPress TheGem Theme Elements (for Elementor) plugin <= 5.10.5.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor.This issue affects TheGem Theme Elements for Elementor: from n/a through = 5.10.5.1...

CVE-2025-62094

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in voidthemes Void Elementor WHMCS Elements For Elementor Page Builder void-elementor-whmcs-elements.This issue affects Void Elementor WHMCS Elements For Elementor Page Builder: from n/a through =...

WordPress plugin TheGem Theme Elements (for Elementor) 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...