Attackers exploit a Breeze Cache flaw (CVE-2026-3844) to upload files without login. Wordfence researchers detected over 170 attacks. Threat actors are exploiting a critical flaw, tracked as CVE-2026-3844 (CVSS score of 9.8), in the Breeze Cache WordPress plugin, allowing them to upload files to a server without authentication. The vulnerability has already been used in…
Tag: Upload
Global Security News
Critical Vulnerability in Ninja Forms Exposes WordPress Sites
Ninja Forms File Upload RCE via unauthenticated arbitrary file upload; update to 3.3.27 immediately