WordPress Breeze Cache plugin <= 2.5.2 - Unauthenticated Exposure of Sensitive Information to an Unauthorized Actor vulnerability

Unauthenticated Exposure of Sensitive Information to an Unauthorized Actor vulnerability discovered by Nguyen Ngoc Duc duc193 in WordPress Plugin Breeze versions = 2.5.2...

WordPress Breeze Cache plugin <= 2.4.4 - Unauthenticated Arbitrary File Upload via fetch_gravatar_from_remote vulnerability

Unauthenticated Arbitrary File Upload via fetchgravatarfromremote vulnerability discovered by Hung Nguyen bashu - VN in WordPress Plugin Breeze versions = 2.4.4...

CVE-2026-3844

The Breeze Cache plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'fetchgravatarfromremote' function in all versions up to, and including, 2.4.4. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected...

CVE-2026-3844

The Breeze Cache plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'fetchgravatarfromremote' function in all versions up to, and including, 2.4.4. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected...

CVE-2026-3844 Breeze Cache <= 2.4.4 - Unauthenticated Arbitrary File Upload via fetch_gravatar_from_remote

The Breeze Cache plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'fetchgravatarfromremote' function in all versions up to, and including, 2.4.4. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected...

PT-2026-34629

Name of the Vulnerable Software and Affected Versions Breeze Cache versions prior to 2.4.5 Description An arbitrary file upload issue exists in the Breeze Cache plugin for WordPress, affecting approximately 400,000 active installations. The flaw is located in the fetch gravatar from remote...