PT-2026-1485 · Codexthemes · Thegem Theme Elements

Published

2026-01-06

Updated

2026-01-06

CVE-2025-69357

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions CodexThemes TheGem Theme Elements (for Elementor) versions through 5.11.0

Description TheGem Theme Elements (for Elementor) is susceptible to a Stored Cross-site Scripting (XSS) issue. This occurs due to improper neutralization of input during web page generation. An attacker could potentially inject malicious scripts into web pages, which could then be executed by unsuspecting users. TheGem Theme Elements (for Elementor) is affected.

Recommendations Update TheGem Theme Elements (for Elementor) to a version later than 5.11.0.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2025-69357

Affected Products

Thegem Theme Elements

PT-2026-1485 · Codexthemes · Thegem Theme Elements

CVE-2025-69357

Weakness Enumeration

Related Identifiers

Affected Products

References · 5