PT-2025-52741 · Unknown · Thegem Theme Elements
João Pedro S Alcântara
+1
·
Published
2025-12-23
·
Updated
2025-12-23
·
CVE-2025-68559
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
TheGem Theme Elements (for Elementor) versions through 5.10.5.1
Description
An issue exists in the way user-supplied data is handled during the generation of web pages, potentially allowing for Cross-site Scripting (XSS). This impacts TheGem Theme Elements (for Elementor). The issue could allow an attacker to inject malicious scripts into web pages viewed by other users.
Recommendations
Update TheGem Theme Elements (for Elementor) to a version later than 5.10.5.1.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Thegem Theme Elements