CVE-2026-23694 Aruba HiSpeed Cache < 3.0.5 CSRF in Multiple Administrative AJAX Actions

Aruba HiSpeed Cache aruba-hispeed-cache WordPress plugin versions prior to 3.0.5 contain a cross-site request forgery CSRF vulnerability affecting multiple administrative AJAX actions. The handlers for ahscresetoptions, ahscdebugstatus, and ahscenablepurge perform authentication and capability...

PT-2025-17116 · WordPress · Wp Debug Toggle

Name of the Vulnerable Software and Affected Versions: WP DEBUG Toggle versions n/a through 1.1 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Reflected XSS in the WP DEBUG Toggle plugin...