Key Findings Critical vulnerability (CVE-2026-3844, CVSS 9.8) in Breeze Cache WordPress plugin allows unauthenticated file uploads Over 400,000 websites currently affected by the flaw Wordfence detected 170+ active attacks, with 3,936 blocked in 24 hours alone Vulnerability requires "Host Files Locally – Gravatars" option to be enabled, which is disabled by default Affects all versions up to 2.4.4; patch available in version 2.4.5 Background Breeze Cache is a popular free Wor
