CVE-2026-32393 is a Local File Inclusion (LFI) vulnerability found in the Creatives_Planet Greenly Theme Addons, a PHP-based theme extension used primarily in content management systems such as WordPress. The vulnerability arises from improper control over the filename parameter used in PHP include or require statements, allowing an attacker to manipulate the input to include arbitrary local files on the server. This can lead to disclosure of sensitive information, such as configuration files or source code, and in some cases, enable remote code execution if combined with other vulnerabilities or misconfigurations. The affected versions are all prior to 8.2, with no specific earliest version identified. Although no public exploits are currently known, the vulnerability is critical because LFI flaws are commonly exploited in web environments. The lack of a CVSS score means severity must be inferred from the impact on confidentiality, integrity, and availability, as well as ease of exploitation. Since the vulnerability does not require authentication and can be triggered remotely via crafted HTTP requests, it poses a significant risk to affected web servers. The issue was published on March 13, 2026, by Patchstack, indicating recent discovery and disclosure. No official patches or mitigations are linked yet, emphasizing the need for immediate attention from users of the Greenly Theme Addons.

The primary impact of CVE-2026-32393 is unauthorized access to local files on web servers running vulnerable versions of the Greenly Theme Addons. This can lead to exposure of sensitive data such as credentials, configuration files, or source code, undermining confidentiality. In some scenarios, attackers may chain this vulnerability with others to achieve remote code execution, threatening system integrity and availability. Organizations relying on PHP-based CMS platforms with this theme addon are at risk of website defacement, data breaches, or full server compromise. The vulnerability can disrupt business operations, damage reputation, and lead to regulatory compliance issues if sensitive customer data is exposed. Since the flaw can be exploited remotely without authentication, the attack surface is broad, increasing the likelihood of exploitation especially in environments with public-facing web servers. The absence of known exploits currently provides a window for proactive mitigation, but the risk remains high due to the commonality of LFI attacks in the wild.

1. Immediately upgrade the Greenly Theme Addons to version 8.2 or later once available, as this is expected to contain the fix. 2. Until patches are released, implement strict input validation and sanitization on all parameters that control file inclusion to prevent malicious input. 3. Employ web application firewalls (WAFs) with rules specifically designed to detect and block LFI attack patterns targeting include/require statements. 4. Restrict PHP file inclusion paths using configuration directives such as open_basedir to limit accessible directories. 5. Disable unnecessary PHP functions that facilitate file inclusion or execution if not required by the application. 6. Monitor web server logs for suspicious requests containing directory traversal sequences or unusual file inclusion attempts. 7. Conduct regular security audits and penetration testing focused on file inclusion vulnerabilities. 8. Educate developers and administrators on secure coding practices related to dynamic file inclusion. 9. Isolate critical web applications in segmented network zones to reduce impact in case of compromise. 10. Maintain up-to-date backups to enable rapid recovery if exploitation occurs.