HIGH
SigmaPlugin
CVE published 2026-05-20
CVE-2026-7522
The Advanced Database Cleaner – Premium plugin for WordPress contains a Local File Inclusion (LFI) vulnerability in versions up to and including 4.1.0. The flaw exists in the handling of the 'template' parameter, which fails to properly validate or sanitize user-supplied input before using it in file inclusion operations. This allows authenticated attackers with Subscriber-level privileges or higher to in [truncated]