## https://sploitus.com/exploit?id=34381427-5B66-5E5D-8916-3FF61572DEED
# CVE-2026-3844 Mass Exploit
CVE-2026-3844 โ [Breeze Cache WordPress](https://github.com/advisories/GHSA-c529-q7mw-hq6j) <=2.4.4 allows unauthenticated file upload via fetch_gravatar_from_remote when local gravatar hosting is enabled.
---
## Installation
Download repository
```bash
git clone https://github.com/im-hanzou/CVE-2026-3844
```
Go to repository folder
```bash
cd CVE-2026-3844
```
Install requirements
```bash
pip install -r requirements.txt
```
## Usage
Prepare a text file, one target per line:
```
https://example.com
192.168.1.1:8080
```
Run this command to display the usage guide
```bash
python CVE-2026-3844.py -h
```
Results are saved to
- `successful_uploads.txt` โ uploaded file urls
---
## Disclaimer
This tool is for educational and authorized security research purposes only. The author is not responsible for any misuse or damage caused by this tool. Only use against systems you own or have explicit permission to test.