PT-2026-44747 · WordPress · Breeze
Duc193
+1
·
Published
2026-05-29
·
Updated
2026-06-04
·
CVE-2026-2128
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Breeze versions prior to 2.5.3
Description
Improper verification of the
wordpress logged in cookie in the inc/cache/execute-cache.php file occurs when the "Cache Logged-in Users" setting is enabled. The plugin uses the substr() function to parse the username directly from the cookie value to retrieve a cache file, but it does not verify the session's cryptographic signature or validity with WordPress core. This allows unauthenticated attackers to use a crafted cookie to trick the plugin into serving cached HTML content intended for an administrator. This can lead to the disclosure of sensitive information, including private posts, the Admin Bar, and WordPress nonces.Recommendations
Update to a version later than 2.5.2.
As a temporary workaround, disable the "Cache Logged-in Users" setting.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Breeze