Lucene search
K

60 matches found

Vulnrichment
Vulnrichment
added 2026/02/19 8:26 a.m.4 views

CVE-2026-23545 WordPress Aruba HiSpeed Cache plugin <= 3.0.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Aruba.it Dev Aruba HiSpeed Cache aruba-hispeed-cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Aruba HiSpeed Cache: from n/a through = 3.0.4...

6.5CVSS5.3AI score0.00194EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/19 8:26 a.m.29 views

CVE-2026-23545 WordPress Aruba HiSpeed Cache plugin <= 3.0.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Aruba.it Dev Aruba HiSpeed Cache aruba-hispeed-cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Aruba HiSpeed Cache: from n/a through = 3.0.4...

6.5CVSS0.00194EPSS
Exploits0References1
CVE
CVE
added 2026/02/19 8:26 a.m.9 views

CVE-2026-23545

CVE-2026-23545 describes a Missing Authorization/Broken Access Control vulnerability in the Aruba HiSpeed Cache WordPress plugin. Affected product: Aruba HiSpeed Cache, up to version 3.0.4. Public sources (Patchstack, CVE list, Red Hat/CVE repositories, and Wordfence vulnerability reports) confir...

6.5CVSS5.4AI score0.00194EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/19 8:26 a.m.4 views

CVE-2026-23545

Missing Authorization vulnerability in Aruba.it Dev Aruba HiSpeed Cache aruba-hispeed-cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Aruba HiSpeed Cache: from n/a through = 3.0.4...

5.5AI score0.00194EPSS
Exploits0References2
NVD
NVD
added 2026/02/19 7:17 a.m.6 views

CVE-2025-11706

The Aruba HiSpeed Cache plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the dbstatus parameter in all versions up to, and including, 3.0.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary...

6.1CVSS0.00283EPSS
Exploits0References3
CVE
CVE
added 2026/02/19 3:25 a.m.18 views

CVE-2025-11706

CVE-2025-11706 affects the Aruba HiSpeed Cache WordPress plugin up to version 3.0.2, due to insufficient input sanitization and output escaping of the dbstatus parameter. This allows unauthenticated attackers to inject arbitrary web scripts that execute when a user is tricked into performing an a...

6.1CVSS5.8AI score0.00283EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/19 3:25 a.m.3 views

CVE-2025-11706 Aruba HiSpeed Cache <= 3.0.2 - Reflected Cross-Site Scripting

The Aruba HiSpeed Cache plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the dbstatus parameter in all versions up to, and including, 3.0.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary...

6.1CVSS5.8AI score0.00283EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/19 3:25 a.m.6 views

CVE-2025-11725 Aruba HiSpeed Cache <= 3.0.2 - Missing Authorization to Unauthenticated Plugin's Settings Modification

The Aruba HiSpeed Cache plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability checks on the multiple functions in all versions up to, and including, 3.0.2. This makes it possible for unauthenticated attackers to modify plugin's configuration settings,...

6.5CVSS5.5AI score0.00277EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/02/19 3:25 a.m.30 views

CVE-2025-11725 Aruba HiSpeed Cache <= 3.0.2 - Missing Authorization to Unauthenticated Plugin's Settings Modification

The Aruba HiSpeed Cache plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability checks on the multiple functions in all versions up to, and including, 3.0.2. This makes it possible for unauthenticated attackers to modify plugin's configuration settings,...

6.5CVSS0.00277EPSS
Exploits0References4
CVE
CVE
added 2026/02/19 3:25 a.m.21 views

CVE-2025-11725

The CVE-2025-11725 entry concerns the Aruba HiSpeed Cache WordPress plugin, affected up to version 3.0.2. The vulnerability arises from missing capability checks in multiple functions, allowing unauthenticated attackers to modify the plugin’s configuration settings and enable/disable features. Im...

6.5CVSS5.5AI score0.00277EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/02/19 12:0 a.m.8 views

WordPress plugin Aruba HiSpeed Cache 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.5CVSS5.8AI score0.00194EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/19 12:0 a.m.12 views

WordPress plugin Aruba HiSpeed Cache 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.5CVSS5.8AI score0.00277EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.8 views

PT-2026-20573

Name of the Vulnerable Software and Affected Versions Aruba HiSpeed Cache versions up to and including 3.0.2 Description The Aruba HiSpeed Cache plugin for WordPress is susceptible to Reflected Cross-Site Scripting through the dbstatus parameter. Insufficient input sanitization and output escapin...

6.1CVSS5.3AI score0.00283EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.10 views

PT-2026-20663

Missing Authorization vulnerability in Aruba.it Dev Aruba HiSpeed Cache aruba-hispeed-cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Aruba HiSpeed Cache: from n/a through = 3.0.4...

5.5AI score0.00194EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/19 12:0 a.m.9 views

WordPress plugin Aruba HiSpeed Cache 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

6.1CVSS5.7AI score0.00283EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/10 5:41 a.m.4 views

CVE-2025-67913

Missing Authorization vulnerability in Aruba.it Dev Aruba HiSpeed Cache aruba-hispeed-cache allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Aruba HiSpeed Cache: from n/a through 3.0.3...

6.5CVSS5.9AI score0.00242EPSS
Exploits0References1
NVD
NVD
added 2026/01/08 10:15 a.m.6 views

CVE-2025-67913

Missing Authorization vulnerability in Aruba.it Dev Aruba HiSpeed Cache aruba-hispeed-cache allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Aruba HiSpeed Cache: from n/a through 3.0.3...

6.5CVSS0.00242EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/08 9:17 a.m.3 views

CVE-2025-67913 WordPress Aruba HiSpeed Cache plugin < 3.0.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Aruba.it Dev Aruba HiSpeed Cache aruba-hispeed-cache allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Aruba HiSpeed Cache: from n/a through 3.0.3...

6.5CVSS6.6AI score0.00242EPSS
Exploits0References1
CVE
CVE
added 2026/01/08 9:17 a.m.14 views

CVE-2025-67913

CVE-2025-67913 describes a Missing Authorization vulnerability in Aruba HiSpeed Cache (aruba-hispeed-cache). Access to functionality is not properly constrained by ACLs, affecting Aruba HiSpeed Cache versions older than 3.0.3. Red Hat notes the issue under the same CVE and confirms patching in Ar...

6.5CVSS6.6AI score0.00242EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/08 9:17 a.m.35 views

CVE-2025-67913 WordPress Aruba HiSpeed Cache plugin < 3.0.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Aruba.it Dev Aruba HiSpeed Cache aruba-hispeed-cache allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Aruba HiSpeed Cache: from n/a through 3.0.3...

6.5CVSS0.00242EPSS
Exploits0References1
Rows per page
Query Builder