Codexthemes Thegem
4 CVEs affecting Codexthemes Thegem. Latest disclosed: 2025-11-06. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-4317 | High | 8.8 | 2025-05-13 | The TheGem theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the thegem_get_logo_url() function in all version… |
CVE-2025-62011 | Medium | 6.5 | 2025-11-06 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodexThemes TheGem thegem.This issue affects TheGem: from… |
CVE-2025-60097 | Medium | 5.4 | 2025-09-26 | Missing Authorization vulnerability in CodexThemes TheGem thegem allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The… |
CVE-2025-4339 | Medium | 4.3 | 2025-05-13 | The TheGem theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxApi() function in all versions u… |