WordPress Plugin Vulnerabilities

Breeze Cache < 2.4.5 - Unauthenticated Arbitrary File Upload

Description

The plugin is vulnerable to arbitrary file uploads due to missing file type validation in the 'fetch_gravatar_from_remote' function. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. The vulnerability can only be exploited if "Host Files Locally - Gravatars" is enabled, which is disabled by default.

Affects Plugins

Plugin icon
breeze
Fixed in 2.4.5

References

CVE
CVE-2026-3844
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/e342b1c0-6e7f-4e2c-8a52-018df12c12a0

Miscellaneous

Original Researcher
Hung Nguyen (bashu)
Verified
No
WPVDB ID
4acfefc2-88a2-4dc5-8102-f0f8e4913661

Timeline

Publicly Published
2026-04-22 (about 22 days ago)
Added
2026-04-22 (about 21 days ago)
Last Updated
2026-05-11 (about 2 days ago)

Other

Published
Title
Published
2023-07-12
Title
User Registration < 3.0.2.1 - Subscriber+ Arbitrary File Upload
Published
2023-12-27
Title
Piotnet Forms Plugin < 1.0.29 - Unauthenticated Arbitrary File Upload
Published
2014-08-01
Title
Xerte Online <= 0.35 - File Upload
Published
2021-04-10
Title
Classyfrieds <= 3.8 - Authenticated Arbitrary File Upload to RCE
Published
2024-07-03
Title
IMGspider < 2.3.11 - Authenticated (Contributor+) Arbitrary File Upload via 'upload'