Platform: aruba
Component: aruba-hispeed-cache
Fixed in: 3.0.5
A Cross-Site Request Forgery (CSRF) vulnerability exists in the Aruba HiSpeed Cache plugin for WordPress, affecting versions up to and including 3.0.4. This flaw allows unauthenticated attackers to manipulate plugin settings by tricking an administrator into performing actions. The vulnerability stems from a lack of nonce verification within the ahsc_ajax_reset_options() function. A fix is available in version 3.0.5.
Successful exploitation of this CSRF vulnerability allows an attacker to completely reset the Aruba HiSpeed Cache plugin's configuration to its default values. This can disrupt caching functionality, potentially impacting website performance and user experience. While the impact isn't directly data theft or system compromise, it can be used as a diversionary tactic or to cause denial-of-service-like effects by disabling caching. The attacker needs to craft a malicious link or form that, when accessed by an administrator, triggers the settings reset without their knowledge.
This vulnerability was publicly disclosed on 2026-04-10. No known public proof-of-concept exploits are currently available. The vulnerability is not listed on the CISA KEV catalog at the time of writing. The CVSS score of 4.3 (Medium) indicates a moderate risk, suggesting potential for exploitation if the plugin is widely deployed and administrators are not vigilant.
Websites utilizing the Aruba HiSpeed Cache plugin, particularly those with shared hosting environments or where plugin updates are not performed regularly, are at risk. WordPress administrators who routinely click on links from untrusted sources are also vulnerable.
• wordpress / composer / npm:
grep -r 'ahsc_ajax_reset_options()' /var/www/html/wp-content/plugins/aruba-hispeed-cache/
• wordpress / composer / npm:
wp plugin list --status=all | grep aruba-hispeed-cache
• wordpress / composer / npm:
wp plugin update aruba-hispeed-cache --all
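The grep check above only confirms that the handler is present. The sketch below is an added example, not code from the plugin or from this advisory: it also reports whether the handler's body calls a WordPress nonce-verification function. The two PHP samples are constructed for illustration, with hypothetical option and nonce action names, and the brace matching is a heuristic.

```python
import re

# WordPress core functions that verify a nonce.
NONCE_CALLS = ("check_ajax_referer", "wp_verify_nonce", "check_admin_referer")

def function_body(php, name):
    """Return the body of `function name(...) { ... }` by brace matching, or None."""
    m = re.search(r"function\s+" + re.escape(name) + r"\s*\(", php)
    start = php.find("{", m.end()) if m else -1
    if start == -1:
        return None
    depth = 0
    for i in range(start, len(php)):
        depth += {"{": 1, "}": -1}.get(php[i], 0)
        if depth == 0:
            return php[start + 1:i]
    return None  # unbalanced braces

def audit_handler(php, name="ahsc_ajax_reset_options"):
    """Heuristic: braces or comment markers inside PHP strings are not handled."""
    body = function_body(php, name)
    if body is None:
        return "handler-not-found"
    # Drop /* */ and // comments so a commented-out check does not count.
    code = re.sub(r"/\*.*?\*/|//[^\n]*", "", body, flags=re.S)
    if any(re.search(r"\b" + c + r"\s*\(", code) for c in NONCE_CALLS):
        return "nonce-verified"
    return "no-nonce-check"

# Constructed samples, NOT the plugin's real source; option and nonce action
# names are hypothetical. A capability check alone does not stop CSRF, because
# the forged request is sent by the administrator's own browser session.
VULNERABLE = """
function ahsc_ajax_reset_options() {
    // check_ajax_referer( 'example_reset_action', 'nonce' );
    if ( current_user_can( 'manage_options' ) ) {
        delete_option( 'example_cache_options' );
    }
    wp_die();
}
"""
PATCHED = """
function ahsc_ajax_reset_options() {
    check_ajax_referer( 'example_reset_action', 'nonce' );
    if ( ! current_user_can( 'manage_options' ) ) { wp_die( -1 ); }
    delete_option( 'example_cache_options' );
    wp_die();
}
"""
```

To audit an installed copy, read each PHP file under the plugin directory and pass its text to audit_handler().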
Exploit status
EPSS: 0.02% (4th percentile)
The primary mitigation is to immediately upgrade the Aruba HiSpeed Cache plugin to version 3.0.5 or later. If upgrading is not immediately feasible, consider implementing a Web Application Firewall (WAF) rule to block requests to the ahsc_ajax_reset_options() endpoint that lack proper nonce verification. Alternatively, restrict access to the plugin's administrative interface to trusted users only. Regularly audit WordPress plugin configurations for any unusual changes.
Update to version 3.0.5, or a newer patched version.
CVE-2026-1924 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the Aruba HiSpeed Cache WordPress plugin versions up to 3.0.4, allowing attackers to reset plugin settings.
You are affected if you are using the Aruba HiSpeed Cache plugin in versions 3.0.4 or earlier. Upgrade to 3.0.5 or later to mitigate the risk.
Upgrade the Aruba HiSpeed Cache plugin to version 3.0.5 or later. Consider WAF rules or restricting admin access as temporary workarounds.
There are currently no confirmed reports of active exploitation, but the vulnerability is publicly known and could be targeted.
Refer to the Aruba Security Advisories page for the latest information: [https://www.arubanetworks.com/assets/security-advisories/](https://www.arubanetworks.com/assets/security-advisories/)