
Breeze Cache unauthenticated file-upload flaw (CVE-2026-3844)

Vulnerability
Happening score
H score 44
1 unique sources, 1 articles

Summary


Active exploitation of CVE-2026-3844 in the Breeze Cache WordPress plugin puts sites running versions up to 2.4.4 at risk of unauthenticated arbitrary file upload, RCE, and website takeover when the Host Files Locally - Gravatars add-on is enabled.

Related Happenings

Gladinet CentreStack and Triofox workaround for CVE-2025-11371

Advisory/Mitigation
First: 10.10.2025 22:08 Last: 10.10.2025 22:08 Sources 1

About this happening: **CentreStack** and **Triofox** are affected by **CVE-2025-11371**, a **local file inclusion zero-day** that threat actors have **abused since late September** to read **Web.confi...

Service Finder WordPress theme active auth bypass exploitation wave (CVE-2025-5947)

Exploitation Wave
First: 08.10.2025 18:57 Last: 08.10.2025 18:57 Sources 1

About this happening: **CVE-2025-5947** is being exploited at scale against the **Service Finder WordPress theme**, with attackers using an authentication bypass to log in as administrators and take ov...

Timeline

  1. 24.04.2026 00:33 2 articles · 1mo ago

    Active exploitation of Breeze Cache CVE-2026-3844

    Initial Disclosure

    Wordfence and Defiant identified active exploitation of CVE-2026-3844 in the Breeze Cache WordPress plugin from Cloudways. Missing file-type validation in fetch_gravatar_from_remote lets an unauthenticated attacker upload arbitrary files when Host Files Locally - Gravatars is enabled, creating a path to RCE and complete website takeover. Wordfence has seen more than 170 exploitation attempts.
