Axiomthemes Jude allows hackers to access local files on your server

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

8.1

Axiomthemes Jude allows hackers to access local files on your server

CVE-2026-22366

Summary

A vulnerability in Axiomthemes Jude allows hackers to access local files on your server, which could lead to sensitive information being stolen or malicious code being executed. This affects versions of Jude up to 1.3.0. Update to the latest version to fix this issue.

Original title

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Jude jude allows PHP Local File Inclusion.This issue affects Jud...

Original description

nvd CVSS3.1 8.1

Vulnerability type

CWE-98 Improper Control of Filename for Include

https://patchstack.com/database/Wordpress/Theme/jude/vulnerability/wordpress-jud...

Published: 20 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026