CVE-2025-11706
Awaiting Analysis Awaiting Analysis - Queue

Reflected XSS in Aruba HiSpeed Cache Plugin via dbstatus Parameter

Vulnerability report for CVE-2025-11706, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-02-19

Last updated on: 2026-02-19

Assigner: Wordfence

Description

The Aruba HiSpeed Cache plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the dbstatus parameter in all versions up to, and including, 3.0.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-02-19
Last Modified
2026-02-19
Generated
2026-07-06
AI Q&A
2026-02-19
EPSS Evaluated
2026-07-04
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
aruba aruba_hispeed_cache to 3.0.2 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

The Aruba HiSpeed Cache plugin for WordPress is vulnerable to Reflected Cross-Site Scripting (XSS) via the dbstatus parameter in all versions up to and including 3.0.2.

This vulnerability exists because the plugin does not properly sanitize input or escape output for the dbstatus parameter.

As a result, an unauthenticated attacker can inject arbitrary web scripts into pages, which will execute if a user is tricked into performing an action such as clicking on a malicious link.

Impact Analysis

This vulnerability can allow attackers to execute arbitrary scripts in the context of the affected website.

Potential impacts include theft of user credentials, session hijacking, defacement of the website, or redirection to malicious sites.

Because the attack can be performed by tricking users into clicking links, it poses a risk to site visitors and can undermine trust in the website.

The CVSS v3.1 base score of 6.1 indicates a medium severity with network attack vector, low attack complexity, no privileges required, but requiring user interaction.

Compliance Impact

I don't know

Detection Guidance

The vulnerability in the Aruba HiSpeed Cache plugin for WordPress is a Reflected Cross-Site Scripting (XSS) via the dbstatus parameter. Detection involves identifying attempts to inject malicious scripts through this parameter.

To detect exploitation attempts on your system or network, you can monitor web server logs for suspicious requests containing script tags or typical XSS payloads in the dbstatus parameter.

  • Use command-line tools like grep to search web server access logs for suspicious dbstatus parameter usage, e.g.:
  • grep -i 'dbstatus=.*<script' /var/log/apache2/access.log
  • Use intrusion detection systems (IDS) or web application firewalls (WAF) to detect and alert on reflected XSS patterns targeting the dbstatus parameter.
  • Monitor HTTP requests for unusual URL parameters or encoded payloads in dbstatus that could indicate an attack.
Mitigation Strategies

Immediate mitigation steps include updating the Aruba HiSpeed Cache plugin to a version later than 3.0.2 where the vulnerability is fixed.

If an update is not immediately possible, consider disabling the plugin temporarily to prevent exploitation.

Implement web application firewall (WAF) rules to block or sanitize requests containing malicious scripts in the dbstatus parameter.

Ensure that user input is properly sanitized and escaped on the server side, especially for parameters like dbstatus.

Review and apply security patches or updates provided by the plugin maintainers, as indicated by the security enhancements and nonce implementations in recent plugin versions.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-11706. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart