A vulnerability described as critical has been identified in Codexmes TheGem Theme Elements up to 5.11.1 on WordPress. This impacts an unknown function. Such manipulation of the argument filename leads to file inclusion.

This vulnerability is listed as CVE-2026-57804. The attack may be performed from remote. There is no available exploit.