Platform: aruba
Component: aruba-hispeed-cache
Fixed in: 3.0.5
A Cross-Site Request Forgery (CSRF) vulnerability exists in the Aruba HiSpeed Cache plugin for WordPress, affecting versions up to and including 3.0.4. This flaw allows unauthenticated attackers to manipulate plugin settings by tricking an administrator into performing actions. The vulnerability stems from a lack of nonce verification within the ahscajaxreset_options() function. A fix is available in version 3.0.5.
Successful exploitation of this CSRF vulnerability allows an attacker to completely reset the Aruba HiSpeed Cache plugin's configuration to its default values. This can disrupt caching functionality, potentially impacting website performance and user experience. While the impact isn't directly data theft or system compromise, it can be used as a diversionary tactic or to cause denial-of-service-like effects by disabling caching. The attacker needs to craft a malicious link or form that, when accessed by an administrator, triggers the settings reset without their knowledge.
This vulnerability was publicly disclosed on 2026-04-10. No known public proof-of-concept exploits are currently available. The vulnerability is not listed on the CISA KEV catalog at the time of writing. The CVSS score of 4.3 (Medium) indicates a moderate risk, suggesting potential for exploitation if the plugin is widely deployed and administrators are not vigilant.
Exploit Status
EPSS: 0.02% (4% percentile)
The primary mitigation is to immediately upgrade the Aruba HiSpeed Cache plugin to version 3.0.5 or later. If upgrading is not immediately feasible, consider implementing a Web Application Firewall (WAF) rule to block requests to the ahscajaxreset_options() endpoint that lack proper nonce verification. Alternatively, restrict access to the plugin's administrative interface to trusted users only. Regularly audit WordPress plugin configurations for any unusual changes.
Update to version 3.0.5, or a newer patched version
CVE-2026-1924 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the Aruba HiSpeed Cache WordPress plugin versions up to 3.0.4, allowing attackers to reset plugin settings.
You are affected if you are using the Aruba HiSpeed Cache plugin in versions 3.0.4 or earlier. Upgrade to 3.0.5 or later to mitigate the risk.
Upgrade the Aruba HiSpeed Cache plugin to version 3.0.5 or later. Consider WAF rules or restricting admin access as temporary workarounds.
There are currently no confirmed reports of active exploitation, but the vulnerability is publicly known and could be targeted.
Refer to the Aruba Security Advisories page for the latest information: [https://www.arubanetworks.com/assets/security-advisories/](https://www.arubanetworks.com/assets/security-advisories/)