Aruba Hispeed Cache

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-1924 MEDIUM This Month

Cross-site request forgery in Aruba HiSpeed Cache WordPress plugin up to version 3.0.4 allows unauthenticated attackers to reset all plugin settings to defaults by tricking site administrators into clicking a malicious link, due to missing nonce verification on the ahsc_ajax_reset_options() function. The CVSS score of 4.3 reflects the low-impact integrity violation requiring user interaction, with no known public exploit code or confirmed active exploitation.

WordPress PHP CSRF Aruba Hispeed Cache

NVD

CVSS 3.1

4.3

EPSS

0.0%

CVE-2026-1924

EPSS 0% CVSS 4.3

MEDIUM This Month

Cross-site request forgery in Aruba HiSpeed Cache WordPress plugin up to version 3.0.4 allows unauthenticated attackers to reset all plugin settings to defaults by tricking site administrators into clicking a malicious link, due to missing nonce verification on the ahsc_ajax_reset_options() function. The CVSS score of 4.3 reflects the low-impact integrity violation requiring user interaction, with no known public exploit code or confirmed active exploitation.

WordPress PHP CSRF +1

NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy