Filtered by vendor Aruba
Subscriptions
Filtered by product Aruba Hispeed Cache
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-23694 | 3 Aruba, Arubadev, Wordpress | 3 Aruba Hispeed Cache, Aruba Hispeed Cache, Wordpress | 2026-03-05 | N/A |
| Aruba HiSpeed Cache (aruba-hispeed-cache) WordPress plugin versions prior to 3.0.5 contain a cross-site request forgery (CSRF) vulnerability affecting multiple administrative AJAX actions. The handlers for ahsc_reset_options, ahsc_debug_status, and ahsc_enable_purge perform authentication and capability checks but do not verify a WordPress nonce for state-changing requests. An attacker can induce a logged-in administrator to visit a malicious webpage that submits forged requests to admin-ajax.php, resulting in unauthorized resetting of plugin settings, toggling of the WordPress WP_DEBUG configuration, or modification of cache purging behavior without the administrator’s intent. | ||||
| CVE-2025-67913 | 2 Aruba, Wordpress | 2 Aruba Hispeed Cache, Wordpress | 2026-01-20 | 9.8 Critical |
| Missing Authorization vulnerability in Aruba.it Dev Aruba HiSpeed Cache aruba-hispeed-cache allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Aruba HiSpeed Cache: from n/a through < 3.0.3. | ||||
| CVE-2023-44983 | 1 Aruba | 1 Aruba Hispeed Cache | 2024-11-21 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Aruba.It Aruba HiSpeed Cache.This issue affects Aruba HiSpeed Cache: from n/a through 2.0.6. | ||||
Page 1 of 1.