{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-11725", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-10-13T21:04:53.361Z", "datePublished": "2026-02-19T03:25:11.535Z", "dateUpdated": "2026-04-08T16:43:04.598Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:43:04.598Z"}, "affected": [{"vendor": "arubadev", "product": "Aruba HiSpeed Cache", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.0.2", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Aruba HiSpeed Cache plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability checks on the multiple functions in all versions up to, and including, 3.0.2. This makes it possible for unauthenticated attackers to modify plugin's configuration settings, enable or disable features, as well as enable/disable WordPress cron jobs or debug mode"}], "title": "Aruba HiSpeed Cache <= 3.0.2 - Missing Authorization to Unauthenticated Plugin's Settings Modification", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2830c958-13d1-4c69-8dde-7fc091db02eb?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/aruba-hispeed-cache/tags/3.0.1/aruba-hispeed-cache.php#L618"}, {"url": "https://plugins.trac.wordpress.org/browser/aruba-hispeed-cache/tags/3.0.1/aruba-hispeed-cache.php#L590"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3399636%40aruba-hispeed-cache&new=3399636%40aruba-hispeed-cache&sfp_email=&sfph_mail="}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-862 Missing Authorization", "cweId": "CWE-862", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "baseScore": 6.5, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Michael Mazzolini"}], "timeline": [{"time": "2025-10-08T00:00:00.000Z", "lang": "en", "value": "Discovered"}, {"time": "2026-02-18T14:59:09.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-19T17:23:22.860076Z", "id": "CVE-2025-11725", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-19T17:43:52.800Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-11725", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-19T17:23:22.860076Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-19T17:23:24.428Z"}}], "cna": {"title": "Aruba HiSpeed Cache <= 3.0.2 - Missing Authorization to Unauthenticated Plugin's Settings Modification", "credits": [{"lang": "en", "type": "finder", "value": "Michael Mazzolini"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}}], "affected": [{"vendor": "arubadev", "product": "Aruba HiSpeed Cache", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "3.0.2"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-10-08T00:00:00.000Z", "value": "Discovered"}, {"lang": "en", "time": "2026-02-18T14:59:09.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2830c958-13d1-4c69-8dde-7fc091db02eb?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/aruba-hispeed-cache/tags/3.0.1/aruba-hispeed-cache.php#L618"}, {"url": "https://plugins.trac.wordpress.org/browser/aruba-hispeed-cache/tags/3.0.1/aruba-hispeed-cache.php#L590"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3399636%40aruba-hispeed-cache&new=3399636%40aruba-hispeed-cache&sfp_email=&sfph_mail="}], "descriptions": [{"lang": "en", "value": "The Aruba HiSpeed Cache plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability checks on the multiple functions in all versions up to, and including, 3.0.2. This makes it possible for unauthenticated attackers to modify plugin's configuration settings, enable or disable features, as well as enable/disable WordPress cron jobs or debug mode"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:43:04.598Z"}}}, "cveMetadata": {"cveId": "CVE-2025-11725", "state": "PUBLISHED", "dateUpdated": "2026-04-08T16:43:04.598Z", "dateReserved": "2025-10-13T21:04:53.361Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2026-02-19T03:25:11.535Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Aruba HiSpeed Cache plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability checks on the multiple functions in all versions up to, and including, 3.0.2. This makes it possible for unauthenticated attackers to modify plugin's configuration settings, enable or disable features, as well as enable/disable WordPress cron jobs or debug mode"}, {"lang": "es", "value": "El plugin Aruba HiSpeed Cache para WordPress es vulnerable a la modificaci\u00f3n no autorizada de datos debido a la falta de comprobaciones de capacidad en m\u00faltiples funciones en todas las versiones hasta la 3.0.2, inclusive. Esto hace posible que atacantes no autenticados modifiquen la configuraci\u00f3n del plugin, habiliten o deshabiliten funciones, as\u00ed como habiliten/deshabiliten las tareas cron de WordPress o el modo de depuraci\u00f3n."}], "id": "CVE-2025-11725", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 2.5, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2026-02-19T07:17:26.593", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/aruba-hispeed-cache/tags/3.0.1/aruba-hispeed-cache.php#L590"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/aruba-hispeed-cache/tags/3.0.1/aruba-hispeed-cache.php#L618"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3399636%40aruba-hispeed-cache&new=3399636%40aruba-hispeed-cache&sfp_email=&sfph_mail="}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2830c958-13d1-4c69-8dde-7fc091db02eb?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,3.0.2]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "original": {"product": "Aruba HiSpeed Cache", "source": "cna", "vendor": "arubadev"}, "product": "aruba_hispeed_cache", "vendor": "arubadev"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-04-22T19:55:40.530384+00:00", "value": {"mitigation_remediation": ["Update the Aruba HiSpeed Cache plugin to the latest version that resolves the capability checks.", "If an immediate update is not feasible, temporarily disable or delete the plugin until a patched version is available.", "Restrict access to the plugin\u2019s configuration URLs by implementing IP whitelisting or firewall rules to limit exposure to trusted hosts."], "summary": {"action": "Immediate Patch", "impact": "Unauthorized Configuration Modification"}, "threat_synthesis": {"affected_systems": "Aruba HiSpeed Cache plugin for WordPress, versions up to and including 3.0.2, regardless of the WordPress core version. Clients running any of these affected releases should verify their plugin version and upgrade if possible.", "description_and_impact": "The Aruba HiSpeed Cache WordPress plugin contains missing capability checks on several functions in all versions up to and including 3.0.2. This flaw allows any user who can reach the site\u2019s HTTP interface to modify the plugin\u2019s configuration settings, toggle features, enable or disable WordPress cron jobs, and turn debug mode on or off without authenticating. As a result, an attacker can gain unrestricted control over the plugin\u2019s behavior, potentially leading to denial of service, persistence, or a foothold for broader compromise. The weakness is identified as an authorization failure (CWE-862).", "risk_and_exploitability": "The CVSS score of 6.5 reflects a moderate severity, but the EPSS score of less than 1% indicates that the likelihood of exploitation is currently low. The vulnerability is not listed in the CISA KEV catalog, and no known exploits have been publicly reported. Nevertheless, because the flaw permits unauthenticated configuration changes through network-accessible endpoints, any exposed WordPress installation that uses the affected plugin is at risk. Attackers could reach the vulnerable endpoints without credentials, making remediation the most prudent course of action."}}}}, "created": "2026-02-19T10:07:45.214222+00:00", "updated": "2026-04-22T20:00:08.846908+00:00", "vendors": ["arubadev", "arubadev$PRODUCT$aruba_hispeed_cache", "wordpress", "wordpress$PRODUCT$wordpress"]}