CVE-2026-3844 - Breeze Cache <= 2.4.4 - Unauthenticated Arbitrary File Upload via fetch_gravatar_from_remote
CVE ID :CVE-2026-3844 Published : April 23, 2026, 3:16 a.m. | 29 minutes ago Description :The Breeze Cache plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'fetch_gravatar_from_remote' function in all versions up to, and including, 2.4.4.
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] From LOW to CRITICAL: How a 5-Step Vulnerability Chain Goes Undetected by Flat Scanners
- [CYBER] Uptoskills internship legit ??
- [CYBER] Ransomware, fraud, and lawsuits drive cyber insurance claims to new peaks
- [CYBER] The Credential Vending Revolution: How Polaris Eliminates Long-Lived Keys
- [CYBER] How I Built a Production-Ready SaaS Boilerplate with Next.js 16
- [CYBER] Deaths of CIA agents in Mexico spark sovereignty row with White House