CVE-2026-3844: Breeze Cache bajo ataque activo

¿Tenés Breeze Cache instalado? La vulnerabilidad CVE-2026-3844 (CVSS 9.8) permite subir archivos PHP sin autenticación. Actualizá a 2.4.5 ahora.

https://seguridadenwordpress.com/vulnerabilidad-breeze-cache-cve-2026-3844/

#breezecache #cve20263844 #wordpressplugins #rce #seguridadwordpress

Hackers exploit file upload bug in #BreezeCache #WordPress plugin

https://www.bleepingcomputer.com/news/security/hackers-exploit-file-upload-bug-in-breeze-cache-wordpress-plugin/

#cybersecurity

A critical file upload vulnerability (CVE-2026-3844) in the Breeze Cache WordPress plugin is being actively exploited, allowing unauthenticated attackers to upload arbitrary files and achieve Remote Code Execution. This 9.8 CVSS flaw stems from a Gravatar feature lacking file type validation, but only affects sites with a non-default setting enabled. Many users might be unknowingly vulnerable;…

https://www.tpp.blog/25w54kp

#cybersecurity #breezecache #wordpress

🤖 This post was AI-generated.