59 matches found
CVE-2026-1924
The Aruba HiSpeed Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.0.4. This is due to missing nonce verification on the ahscajaxresetoptions function. This makes it possible for unauthenticated attackers to reset all plugin settings t...
CVE-2026-1924 Aruba HiSpeed Cache <= 3.0.4 - Cross-Site Request Forgery to Plugin Settings Reset
The Aruba HiSpeed Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.0.4. This is due to missing nonce verification on the ahscajaxresetoptions function. This makes it possible for unauthenticated attackers to reset all plugin settings t...
CVE-2026-1924 Aruba HiSpeed Cache <= 3.0.4 - Cross-Site Request Forgery to Plugin Settings Reset
The Aruba HiSpeed Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.0.4. This is due to missing nonce verification on the ahscajaxresetoptions function. This makes it possible for unauthenticated attackers to reset all plugin settings t...
CVE-2026-1924
The connected Patchstack entry describes a CSRF to Plugin Settings Reset vulnerability in WordPress Aruba HiSpeed Cache plugin, affecting versions
EUVD-2026-21250
The Aruba HiSpeed Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.0.4. This is due to missing nonce verification on the ahscajaxresetoptions function. This makes it possible for unauthenticated attackers to reset all plugin settings t...
WordPress Aruba HiSpeed Cache plugin <= 3.0.4 - Cross-Site Request Forgery to Plugin Settings Reset vulnerability
Cross-Site Request Forgery to Plugin Settings Reset vulnerability discovered by Legion Hunter in WordPress Plugin Aruba HiSpeed Cache versions = 3.0.4...
PT-2026-31843
Name of the Vulnerable Software and Affected Versions Aruba HiSpeed Cache plugin for WordPress versions up to and including 3.0.4 Description The Aruba HiSpeed Cache plugin for WordPress is susceptible to Cross-Site Request Forgery. This is caused by the absence of nonce verification within the...
WordPress plugin Aruba HiSpeed Cache 跨站请求伪造漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
CVE-2026-23694
Aruba HiSpeed Cache aruba-hispeed-cache WordPress plugin versions prior to 3.0.5 contain a cross-site request forgery CSRF vulnerability affecting multiple administrative AJAX actions. The handlers for ahscresetoptions, ahscdebugstatus, and ahscenablepurge perform authentication and capability...
CVE-2026-23694
Aruba HiSpeed Cache aruba-hispeed-cache WordPress plugin versions prior to 3.0.5 contain a cross-site request forgery CSRF vulnerability affecting multiple administrative AJAX actions. The handlers for ahscresetoptions, ahscdebugstatus, and ahscenablepurge perform authentication and capability...
CVE-2026-23694 Aruba HiSpeed Cache < 3.0.5 CSRF in Multiple Administrative AJAX Actions
Aruba HiSpeed Cache aruba-hispeed-cache WordPress plugin versions prior to 3.0.5 contain a cross-site request forgery CSRF vulnerability affecting multiple administrative AJAX actions. The handlers for ahscresetoptions, ahscdebugstatus, and ahscenablepurge perform authentication and capability...
CVE-2026-23694 Aruba HiSpeed Cache < 3.0.5 CSRF in Multiple Administrative AJAX Actions
Aruba HiSpeed Cache aruba-hispeed-cache WordPress plugin versions prior to 3.0.5 contain a cross-site request forgery CSRF vulnerability affecting multiple administrative AJAX actions. The handlers for ahscresetoptions, ahscdebugstatus, and ahscenablepurge perform authentication and capability...
PT-2026-21555
Name of the Vulnerable Software and Affected Versions Aruba HiSpeed Cache WordPress plugin versions prior to 3.0.5 Description The Aruba HiSpeed Cache WordPress plugin is susceptible to a cross-site request forgery CSRF issue impacting several administrative AJAX actions. Specifically, the ahsc...
WordPress plugin Aruba HiSpeed Cache 跨站请求伪造漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress Aruba HiSpeed Cache plugin <= 3.0.2 - Missing Authorization to Unauthenticated Plugin's Settings Modification vulnerability
Missing Authorization to Unauthenticated Plugin's Settings Modification vulnerability discovered by mikemyers in WordPress Plugin Aruba HiSpeed Cache versions = 3.0.2...
WordPress Aruba HiSpeed Cache plugin <= 3.0.2 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by mikemyers in WordPress Plugin Aruba HiSpeed Cache versions = 3.0.2...
CVE-2025-11706
The Aruba HiSpeed Cache plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the dbstatus parameter in all versions up to, and including, 3.0.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary...
CVE-2025-11725
The Aruba HiSpeed Cache plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability checks on the multiple functions in all versions up to, and including, 3.0.2. This makes it possible for unauthenticated attackers to modify plugin's configuration settings,...
CVE-2026-23545
Missing Authorization vulnerability in Aruba.it Dev Aruba HiSpeed Cache aruba-hispeed-cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Aruba HiSpeed Cache: from n/a through = 3.0.4...
CVE-2026-23545
CVE-2026-23545 describes a Missing Authorization/Broken Access Control vulnerability in the Aruba HiSpeed Cache WordPress plugin. Affected product: Aruba HiSpeed Cache, up to version 3.0.4. Public sources (Patchstack, CVE list, Red Hat/CVE repositories, and Wordfence vulnerability reports) confir...