CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

Vulnrichment•added 2026/04/27 10:41 a.m.•1 views

CVE-2026-42410 WordPress TheGem theme Elements (for Elementor) plugin < 5.12.1.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Theme Elements for Elementor allows DOM-Based XSS.This issue affects TheGem Theme Elements for Elementor: from n/a before 5.12.1.1...

6.5CVSS5.2AI score0.00039EPSS

Exploits0References1

Positive Technologies•added 2026/04/27 12:0 a.m.•2 views

PT-2026-35398

6.5CVSS5.2AI score0.00039EPSS

Exploits0References2

RedhatCVE•added 2026/01/08 3:15 a.m.•3 views

CVE-2025-69357

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor allows Stored XSS.This issue affects TheGem Theme Elements for Elementor: from n/a through = 5.11.0...

6.5CVSS6AI score0.00064EPSS

Exploits0References1

RedhatCVE•added 2026/01/08 3:15 a.m.•3 views

CVE-2025-69356

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor allows PHP Local File Inclusion.This issue affects TheGem Theme Elements for Elementor: from n/a through...

7.5CVSS7.1AI score0.0022EPSS

Exploits0References1

NVD•added 2026/01/06 5:15 p.m.•4 views

CVE-2025-69356

7.5CVSS0.0022EPSS

Exploits0References1

RedhatCVE•added 2025/12/24 11:37 a.m.•1 views

CVE-2025-68559

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor.This issue affects TheGem Theme Elements for Elementor: from n/a through = 5.10.5.1...

6.5CVSS5.9AI score0.00029EPSS

Exploits0References1

NVD•added 2025/12/23 12:15 p.m.•5 views

CVE-2025-68560

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor.This issue affects TheGem Theme Elements for Elementor: from n/a through = 5.10.5.1...

7.5CVSS0.0014EPSS

Exploits0References1

NVD•added 2025/12/23 12:15 p.m.•2 views

CVE-2025-68559

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor.This issue affects TheGem Theme Elements for Elementor: from n/a through = 5.10.5.1...

6.5CVSS0.00029EPSS

Exploits0References1

EUVD•added 2025/12/23 11:36 a.m.•3 views

EUVD-2025-204792

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CodexThemes TheGem Theme Elements for Elementor.This issue affects TheGem Theme Elements for Elementor: from n/a through 5.10.5.1...

7.5CVSS6.6AI score0.0014EPSS

Exploits0References2

CVE•added 2025/11/06 3:55 p.m.•9 views

CVE-2025-62045

CVE-2025-62045 is a Local File Inclusion vulnerability in the WordPress plugin TheGem Theme Elements (for WPBakery) — TheGem Elements (thegem-elements). Affected versions are up to 5.10.5.1. Root cause: improper control of the filename used in include/require statements in PHP, enabling LFI. Impa...

8.1CVSS6.7AI score0.0014EPSS

Exploits0References1

CVE•added 2025/11/06 3:55 p.m.•7 views

CVE-2025-62044

CVE-2025-62044 corresponds to a cross-site scripting (XSS) vulnerability in TheGem Theme Elements (for WPBakery) by CodexThemes. Multiple connected sources (NVD/Red Hat/EUVD/Wordfence/PATCHSTACK) confirm the issue affects TheGem Theme Elements (for WPBakery): input neutralization during web page ...

6.5CVSS6AI score0.00031EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by