CVE-2026-3844 | cloudways Breeze Cache Plugin up to 2.4.4 on WordPress fetch_gravatar_from_remote unrestricted upload

A vulnerability has been found in cloudways Breeze Cache Plugin up to 2.4.4 on WordPress and classified as critical. Impacted is the function fetch_gravatar_from_remote. This manipulation causes unrestricted upload.

The identification of this vulnerability is CVE-2026-3844. It is possible to initiate the attack remotely. There is no exploit available.

The affected component should be upgraded.VulDB Recent EntriesRead More