PatchSiren

CodexThemes CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH CodexThemes CVE published 2026-07-13

CVE-2026-57804

CVE-2026-57804 is a PHP Local File Inclusion vulnerability in TheGem Theme Elements (for Elementor) due to improper control of filename for include/require statements. This issue affects TheGem Theme Elements (for Elementor) from n/a through <= 5.11.1 with a CVSS score of 7.5. The vulnerability allows attackers to include local files, potentially leading to code execution. Users of TheGem Theme Elements ( [truncated]