A vulnerability was found in SigmaPlugin Advanced Database Cleaner Plugin up to 4.1.0 on WordPress. It has been rated as critical . This issue affects some unknown processing. This manipulation of the argument template causes improper control of filename for include/require statement in php program ('php remote file inclusion'). The identification of this vulnerability is CVE-2026-7522 . It is possible to initiate the attack remotely. There is no exploit available.