40 matches found
CVE-2026-2128
The Breeze plugin for WordPress is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor in all versions up to, and including, 2.5.2 This is due to improper verification of the wordpressloggedin cookie in the inc/cache/execute-cache.php file when the "Cache Logged-in Users"...
CVE-2026-2128
The Breeze plugin for WordPress is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor in all versions up to, and including, 2.5.2 This is due to improper verification of the wordpressloggedin cookie in the inc/cache/execute-cache.php file when the "Cache Logged-in Users"...
WordPress plugin Breeze 信息泄露漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
PT-2026-44747
Name of the Vulnerable Software and Affected Versions Breeze versions prior to 2.5.3 Description Improper verification of the wordpress logged in cookie in the inc/cache/execute-cache.php file occurs when the "Cache Logged-in Users" setting is enabled. The plugin uses the substr function to parse...
Exploit for CVE-2026-3844
CVE-2026-3844 — Breeze Cache move $tempgrava...
Exploit for CVE-2026-3844
CVE-2026-3844 PoC exploit for CVE-2026-3844, a critical unauth...
CVE-2025-13864
The Breeze - WordPress Cache Plugin plugin for WordPress is vulnerable to unauthorized cache clearing in all versions up to, and including, 2.2.21. This is due to the REST API endpoint /wp-json/breeze/v1/clear-all-cache being registered with permissioncallback = 'returntrue' and authentication...
CVE-2025-13864 Breeze – WordPress Cache Plugin <= 2.2.21 - Missing Authorization to Cache Deletion
The Breeze - WordPress Cache Plugin plugin for WordPress is vulnerable to unauthorized cache clearing in all versions up to, and including, 2.2.21. This is due to the REST API endpoint /wp-json/breeze/v1/clear-all-cache being registered with permissioncallback = 'returntrue' and authentication...
CVE-2025-13864 Breeze – WordPress Cache Plugin <= 2.2.21 - Missing Authorization to Cache Deletion
The Breeze - WordPress Cache Plugin plugin for WordPress is vulnerable to unauthorized cache clearing in all versions up to, and including, 2.2.21. This is due to the REST API endpoint /wp-json/breeze/v1/clear-all-cache being registered with permissioncallback = 'returntrue' and authentication...
CVE-2025-13864
The Breeze WordPress Cache Plugin (WordPress) is vulnerable in all versions up to 2.2.21 due to the REST endpoint /wp-json/breeze/v1/clear-all-cache being registered with permission_callback => '__return_true' and authentication disabled by default when the API is enabled. This allows unauthen...
WordPress plugin Breeze - WordPress Cache Plugin 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress Breeze plugin <= 2.2.21 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Bao - BlueRock in WordPress Plugin Breeze versions = 2.2.21...
CVE-2025-69364 WordPress Breeze plugin <= 2.2.21 - Broken Access Control vulnerability
Missing Authorization vulnerability in Cloudways Breeze breeze allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Breeze: from n/a through = 2.2.21...
CVE-2025-69364 WordPress Breeze plugin <= 2.2.21 - Broken Access Control vulnerability
Missing Authorization vulnerability in Cloudways Breeze breeze allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Breeze: from n/a through = 2.2.21...
WordPress plugin Breeze 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...
EUVD-2022-33782
Malicious code in bioql PyPI...
Malicious code in breeze-plugin-ntuc (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-47618 Malicious code in breeze-plugin-ntuc (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-47617 Malicious code in breeze-plugin-income-flexitravel (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in breeze-plugin-income-flexitravel (npm)
--- -= Per source details. Do not edit below this line.=-...