CVE-2026-7252 | davidanderson WP-Optimize Plugin up to 4.5.2 on WordPress REST API unscheduled_original_file_deletion path traversal (EUVD-2026-28323)
A vulnerability was found in davidanderson WP-Optimize Plugin up to 4.5.2 on WordPress. It has been classified as critical. This vulnerability affects the function unscheduled_original_file_deletion of the component REST API. The manipulation leads to path traversal.
This vulnerability is listed as CVE-2026-7252. The attack may be initiated remotely. There is no available exploit.