All news

file upload vulnerability

(3 articles)
Breeze Cache WordPress Plugin File Upload Exploit

April 23, 2026

Breeze Cache WordPress Plugin File Upload Exploit

CVE-2026-3844 lets unauthenticated attackers upload arbitrary files to WordPress sites running Breeze Cache. 170+ exploits logged. Patch now.

Ninja Forms File Upload Flaw: CVE-2026-0740

April 7, 2026

Ninja Forms File Upload Flaw: CVE-2026-0740

CVE-2026-0740 in Ninja Forms File Upload allows unauthenticated RCE. Over 3,600 attacks blocked in 24 hours. Update to 3.3.27 now.

New 'PolyShell' Flaw Allows Unauthenticated RCE on Magento E-Stores

March 19, 2026

New 'PolyShell' Flaw Allows Unauthenticated RCE on Magento E-Stores

The PolyShell vulnerability lets attackers execute code or hijack accounts on Magento stores without authentication - and exploit code is already circulating.