A-Mart E-commerce Platform Allows Access to Local Files

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

8.1

A-Mart E-commerce Platform Allows Access to Local Files

CVE-2026-22361

Summary

A-Mart's e-commerce platform has a security weakness that allows hackers to access and potentially view sensitive files on the same server. This is a concern because it could allow an attacker to steal confidential information or disrupt the site's functionality. The vendor has released a patch to fix this issue, so it's essential to update the A-Mart software to the latest version (1.0.3 or higher).

Original title

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes A-Mart a-mart allows PHP Local File Inclusion.This issue affects...

Original description

nvd CVSS3.1 8.1

Vulnerability type

CWE-98 Improper Control of Filename for Include

https://patchstack.com/database/Wordpress/Theme/a-mart/vulnerability/wordpress-a...

Published: 20 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026