CVE-2026-3844
Breeze Cache <= 2.4.4 - Unauthenticated Arbitrary File Upload via fetch_gravatar_from_remote
Description
The Breeze Cache plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'fetch_gravatar_from_remote' function in all versions up to, and including, 2.4.4. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. The vulnerability can only be exploited if "Host Files Locally - Gravatars" is enabled, which is disabled by default.
In plain language
AI Act nowCVE-2026-3844 is a WordPress file-upload flaw in Breeze Cache that lets an unauthenticated attacker upload arbitrary files to your server if “Host Files Locally - Gravatars” is turned on; most small businesses won’t be exposed by default, but RED means you should check and remove this setting if you can’t update yet.
Unauthenticated arbitrary file upload in Breeze Cache via fetch_gravatar_from_remote (CWE-434) allows remote attackers to upload files to the WordPress server running the plugin when the “Host Files Locally - Gravatars” feature is enabled.
What to do now
- Check whether you run the WordPress plugin “Breeze Cache” and identify your installed version.
- In the Breeze Cache settings, verify whether “Host Files Locally - Gravatars” is enabled.
- If it is enabled and you are on Breeze Cache version 2.4.4 or earlier, disable “Host Files Locally - Gravatars” immediately.
- Apply any available Breeze Cache update that fixes this issue; if no fixed version is available for your branch, plan a plugin replacement/upgrade as soon as possible.
CVSS Vector Breakdown
AV:NAttack VectorAC:LAttack ComplexityPR:NPrivileges RequiredUI:NUser InteractionS:UScopeC:HConfidentialityI:HIntegrityA:HAvailabilityWeaknesses
Affected Products
Exploitability
Attack Graph
Click technique nodes for MITRE ATT&CK details · drag to pan · Ctrl/⌘ + scroll to zoom, or go fullscreen.
MITRE ATT&CK
3 techniquesReferences
Unlock Complete Vulnerability Intelligence
Get the full picture for CVE-2026-3844 and every CVE in our database. Create a free account — no credit card required.
Create Free Account