184 matches found
CVE-2023-32238
Vulnerability in CodexThemes TheGem Elementor, CodexThemes TheGem WPBakery.This issue affects TheGem Elementor: from n/a before 5.8.1.1; TheGem WPBakery: from n/a before 5.8.1.1...
WordPress plugin TheGem (Elementor) 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
CVE-2023-32238
CVE-2023-32238 affects CodexThemes TheGem (Elementor) and TheGem (WPBakery). Affected versions: TheGem for Elementor and TheGem for WPBakery prior to 5.8.1.1. Root cause: broken access control / missing authorization leading to elevation of privilege according to Patchstack, with a CVSS v3.1 base...
CVE-2023-32238 WordPress TheGem theme < 5.8.1.1 - Broken Access Control vulnerability
Vulnerability in CodexThemes TheGem Elementor, CodexThemes TheGem WPBakery.This issue affects TheGem Elementor: from n/a before 5.8.1.1; TheGem WPBakery: from n/a before 5.8.1.1...
CVE-2023-32238 WordPress TheGem theme < 5.8.1.1 - Broken Access Control vulnerability
Vulnerability in CodexThemes TheGem Elementor, CodexThemes TheGem WPBakery.This issue affects TheGem Elementor: from n/a before 5.8.1.1; TheGem WPBakery: from n/a before 5.8.1.1...
PT-2025-53808
Name of the Vulnerable Software and Affected Versions CodexThemes TheGem Elementor versions prior to 5.8.1.1 CodexThemes TheGem WPBakery versions prior to 5.8.1.1 Description A security issue exists in CodexThemes TheGem with both the Elementor and WPBakery page builder integrations. The...
CVE-2025-68559
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor.This issue affects TheGem Theme Elements for Elementor: from n/a through = 5.10.5.1...
CVE-2025-68560
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor.This issue affects TheGem Theme Elements for Elementor: from n/a through = 5.10.5.1...
CVE-2025-68559
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor.This issue affects TheGem Theme Elements for Elementor: from n/a through = 5.10.5.1...
CVE-2025-68560
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor.This issue affects TheGem Theme Elements for Elementor: from n/a through = 5.10.5.1...
EUVD-2025-204791
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Theme Elements for Elementor.This issue affects TheGem Theme Elements for Elementor: from n/a through 5.10.5.1...
CVE-2025-68559
TheGem Theme Elements (for Elementor) WordPress plugin is vulnerable to Cross‑Site Scripting (XSS) due to improper input neutralization during web page generation. Affected versions are up to 5.10.5.1. Risk is mitigated by upgrading to a version later than 5.10.5.1, per multiple sources describin...
CVE-2025-68559 WordPress TheGem Theme Elements (for Elementor) plugin <= 5.10.5.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor.This issue affects TheGem Theme Elements for Elementor: from n/a through = 5.10.5.1...
CVE-2025-68560 WordPress TheGem Theme Elements (for Elementor) plugin <= 5.10.5.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor.This issue affects TheGem Theme Elements for Elementor: from n/a through = 5.10.5.1...
CVE-2025-68560
The CVE describes an LFI (Local File Inclusion) in CodexThemes TheGem Theme Elements (for Elementor) due to improper control of the filename for include/require statements in PHP. Affected software: TheGem Theme Elements for Elementor up to version 5.10.5.1. Root cause is filename handling during...
EUVD-2025-204792
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CodexThemes TheGem Theme Elements for Elementor.This issue affects TheGem Theme Elements for Elementor: from n/a through 5.10.5.1...
CVE-2025-68560 WordPress TheGem Theme Elements (for Elementor) plugin <= 5.10.5.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor.This issue affects TheGem Theme Elements for Elementor: from n/a through = 5.10.5.1...
WordPress plugin TheGem Theme Elements (for Elementor) 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-52741
Name of the Vulnerable Software and Affected Versions TheGem Theme Elements for Elementor versions through 5.10.5.1 Description An issue exists in the way user-supplied data is handled during the generation of web pages, potentially allowing for Cross-site Scripting XSS. This impacts TheGem Theme...
PT-2025-52742
Name of the Vulnerable Software and Affected Versions TheGem Theme Elements for Elementor versions through 5.10.5.1 Description An issue exists in CodexThemes TheGem Theme Elements for Elementor related to improper control of filename for include/require statements, potentially leading to a PHP...