Share
## https://sploitus.com/exploit?id=34381427-5B66-5E5D-8916-3FF61572DEED
# CVE-2026-3844 Mass Exploit

CVE-2026-3844 โ€“ [Breeze Cache WordPress](https://github.com/advisories/GHSA-c529-q7mw-hq6j) <=2.4.4 allows unauthenticated file upload via fetch_gravatar_from_remote when local gravatar hosting is enabled.

---

## Installation

Download repository
```bash
git clone https://github.com/im-hanzou/CVE-2026-3844
```
Go to repository folder
```bash
cd CVE-2026-3844
```
Install requirements
```bash
pip install -r requirements.txt
```

## Usage

Prepare a text file, one target per line:
```
https://example.com
192.168.1.1:8080
```

Run this command to display the usage guide
```bash
python CVE-2026-3844.py -h
```

Results are saved to
- `successful_uploads.txt` โ€” uploaded file urls

---

## Disclaimer

This tool is for educational and authorized security research purposes only. The author is not responsible for any misuse or damage caused by this tool. Only use against systems you own or have explicit permission to test.