Lucene search
K

184 matches found

NVD
NVD
added 2 days ago6 views

CVE-2026-57804

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor allows PHP Local File Inclusion.This issue affects TheGem Theme Elements for Elementor: from n/a through...

7.5CVSS0.00496EPSS
Exploits0References1
CVE
CVE
added 2 days ago14 views

CVE-2026-57804

CVE-2026-57804 describes an PHP Local File Inclusion in CodexThemes TheGem Theme Elements (for Elementor), specifically TheGem Theme Elements for Elementor up to version 5.11.1. The issue arises from improper control of the filename used in include/require statements, enabling an attacker with au...

7.5CVSS6.1AI score0.00496EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/07/02 3:25 p.m.6 views

WordPress TheGem theme Elements (for Elementor) plugin <= 5.11.1 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin TheGem Theme Elements for Elementor versions = 5.11.1...

7.5CVSS5.9AI score0.00496EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/05 7:30 p.m.11 views

CVE-2026-42410

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Theme Elements for Elementor allows DOM-Based XSS.This issue affects TheGem Theme Elements for Elementor: from n/a before 5.12.1.1...

6.5CVSS5.4AI score0.00127EPSS
Exploits0References1
NVD
NVD
added 2026/04/27 12:16 p.m.8 views

CVE-2026-42410

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Theme Elements for Elementor allows DOM-Based XSS.This issue affects TheGem Theme Elements for Elementor: from n/a before 5.12.1.1...

6.5CVSS0.00127EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/27 10:41 a.m.28 views

CVE-2026-42410 WordPress TheGem theme Elements (for Elementor) plugin < 5.12.1.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Theme Elements for Elementor allows DOM-Based XSS.This issue affects TheGem Theme Elements for Elementor: from n/a before 5.12.1.1...

6.5CVSS0.00127EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/27 10:41 a.m.3 views

CVE-2026-42410 WordPress TheGem theme Elements (for Elementor) plugin < 5.12.1.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Theme Elements for Elementor allows DOM-Based XSS.This issue affects TheGem Theme Elements for Elementor: from n/a before 5.12.1.1...

6.5CVSS5.2AI score0.00127EPSS
Exploits0References1
CVE
CVE
added 2026/04/27 10:41 a.m.12 views

CVE-2026-42410

The CVE-2026-42410 entry describes a DOM-based XSS in the WordPress TheGem Theme Elements (for Elementor) plugin, affecting versions before 5.12.1.1. Root cause: improper neutralization of input during web page generation. Impact is limited to client-side data integrity and potential user-facing ...

6.5CVSS5.2AI score0.00127EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/27 10:41 a.m.6 views

CVE-2026-42410

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Theme Elements for Elementor allows DOM-Based XSS.This issue affects TheGem Theme Elements for Elementor: from n/a before 5.12.1.1...

6.5CVSS5.2AI score0.00127EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/27 10:41 a.m.4 views

EUVD-2026-25822

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Theme Elements for Elementor allows DOM-Based XSS.This issue affects TheGem Theme Elements for Elementor: from n/a before 5.12.1.1...

6.5CVSS5.2AI score0.00127EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/04/27 10:39 a.m.8 views

WordPress TheGem theme Elements (for Elementor) plugin < 5.12.1.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin TheGem Theme Elements for Elementor versions 5.12.1.1...

6.5CVSS5AI score0.00127EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2026/04/27 12:0 a.m.11 views

WordPress Plugin TheGem Theme Elements for Elementor 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the...

6.5CVSS5.7AI score0.00127EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.13 views

PT-2026-35398

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Theme Elements for Elementor allows DOM-Based XSS.This issue affects TheGem Theme Elements for Elementor: from n/a before 5.12.1.1...

6.5CVSS5.2AI score0.00127EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/03/22 6:11 p.m.197 views

Exploit for Cross-site Scripting in Codex-Themes Thegem

TheGem-Theme-Exploit-Chain-One-Click-Full-Compromise-Subscribe...

8.8CVSS7AI score0.01091EPSS
Exploits1
Patchstack
Patchstack
added 2026/01/10 4:50 p.m.11 views

WordPress TheGem Theme Elements (for WPBakery) plugin <= 5.11.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin TheGem Theme Elements for WPBakery versions = 5.11.0...

6.5CVSS5.9AI score0.00133EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/10 3:29 a.m.9 views

WordPress TheGem Theme Elements (for Elementor) plugin <= 5.11.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin TheGem Theme Elements for Elementor versions = 5.11.0...

6.5CVSS5.9AI score0.00133EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/10 12:22 a.m.11 views

WordPress TheGem Theme Elements (for Elementor) plugin <= 5.11.0 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin TheGem Theme Elements for Elementor versions = 5.11.0...

7.5CVSS6.9AI score0.00331EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/08 3:15 a.m.7 views

CVE-2025-69357

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor allows Stored XSS.This issue affects TheGem Theme Elements for Elementor: from n/a through = 5.11.0...

6.5CVSS6AI score0.00133EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/08 3:15 a.m.16 views

CVE-2025-69360

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Theme Elements for WPBakery thegem-elements allows DOM-Based XSS.This issue affects TheGem Theme Elements for WPBakery: from n/a through = 5.11.0...

6.5CVSS6.4AI score0.00133EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/08 3:15 a.m.14 views

CVE-2025-69356

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor allows PHP Local File Inclusion.This issue affects TheGem Theme Elements for Elementor: from n/a through...

7.5CVSS7.1AI score0.00331EPSS
Exploits0References1
Rows per page
Query Builder