CVE-2026-1924
CSRF in Aruba HiSpeed Cache Plugin Allows Settings Reset
Publication date: 2026-04-10
Last updated on: 2026-04-10
Assigner: Wordfence
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| aruba | hisped_cache | to 3.0.4 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-352 | The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor. |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability impact me? :
This vulnerability allows an attacker to reset all settings of the Aruba HiSpeed Cache plugin to their default values without authentication.
The impact is limited to integrity since the attacker cannot directly access or modify data but can disrupt the plugin's configuration.
This could lead to degraded website performance or loss of custom caching configurations, potentially affecting site availability or user experience.
Can you explain this vulnerability to me?
The Aruba HiSpeed Cache plugin for WordPress has a vulnerability known as Cross-Site Request Forgery (CSRF) in all versions up to and including 3.0.4.
This vulnerability exists because the function ahsc_ajax_reset_options() lacks nonce verification, which is a security measure to confirm that requests are legitimate.
As a result, an unauthenticated attacker can trick a site administrator into performing an action, such as clicking a malicious link, which causes all plugin settings to be reset to their default values without the administrator's explicit consent.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, you should update the Aruba HiSpeed Cache plugin for WordPress to a version later than 3.0.4 where the nonce verification issue in the ahsc_ajax_reset_options() function is fixed.
Additionally, avoid clicking on suspicious links or performing actions from untrusted sources that could trigger a forged request.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability allows unauthenticated attackers to reset all plugin settings to their default values by tricking a site administrator into performing an action. While this can lead to potential integrity issues, there is no direct indication from the provided information that it results in unauthorized data disclosure or loss of confidentiality.
Given the nature of the vulnerability (Cross-Site Request Forgery affecting plugin settings), it may indirectly impact compliance with standards like GDPR or HIPAA if security controls are weakened or configurations protecting personal data are reset. However, no explicit connection to compliance violations is stated in the provided context.