CVE-2026-32505 PHP — Exploit & Vulnerability Details NONE

Parameter	Value
Type	CWE-98
Vendor	PHP
Public PoC	No

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in CreativeWS Kiddy kiddy allows PHP Local File Inclusion.This issue affects Kiddy: from n/a through <= 2.0.8.

Weakness Type (CWE)

CWE-98

References 1

https://patchstack.com/database/Wordpress/Theme/kiddy/vulnerability/wordpress-k…

audit@patchstack.com

Share Post Share Share Share

Related Vulnerabilities

CVE-2026-32504

PHP

None

CVE-2026-32503

PHP

None

CVE-2026-32500

PHP

None

CVE-2026-27081

PHP

None

CVE-2026-27080

PHP

None

Menu

CVE-2026-32505

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-32504

CVE-2026-32503

CVE-2026-32500

CVE-2026-27081

CVE-2026-27080

CVE Details

Editor's Choice

Menu

CVE-2026-32505

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-32504

CVE-2026-32503

CVE-2026-32500

CVE-2026-27081

CVE-2026-27080

CVE Details

Editor's Choice

Stay informed on cybersecurity