Codexthemes Thegem

4 CVEs affecting Codexthemes Thegem. Latest disclosed: 2025-11-06. Critical: 0, High: 1.

Top CVEs affecting Codexthemes Thegem
CVESeverityScorePublishedSummary
CVE-2025-4317High8.82025-05-13The TheGem theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the thegem_get_logo_url() function in all version…
CVE-2025-62011Medium6.52025-11-06Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodexThemes TheGem thegem.This issue affects TheGem: from…
CVE-2025-60097Medium5.42025-09-26Missing Authorization vulnerability in CodexThemes TheGem thegem allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The…
CVE-2025-4339Medium4.32025-05-13The TheGem theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxApi() function in all versions u…