Missing Authorization Vulnerability in Aruba HiSpeed Cache by Aruba.it
CVE-2025-67913

9.8CRITICAL

Key Information:

Vendor: WordPress
Status: Aruba Hispeed Cache
Vendor: CVE Published:; 8 January 2026

What is CVE-2025-67913?

A vulnerability exists in Aruba HiSpeed Cache that allows unauthorized access to certain functionalities due to insufficient access control limitations. This issue can be exploited by an attacker to perform actions that should be restricted, affecting security and integrity. The vulnerability impacts versions of Aruba HiSpeed Cache from n/a through less than 3.0.3. Proper implementation of access control measures is crucial to mitigate potential threats.

Affected Version(s)

Aruba HiSpeed Cache 0 <= 3.0.3

References

https://patchstack.com/database/Wordpress/Plugin/aruba-hi...

vdb-entry

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 8, 2026
Vulnerability Reserved
Dec 15, 2025

Credit

Legion Hunter | Patchstack Bug Bounty Program

CVE-2025-67913 Data

JSON

WordPress

What is CVE-2025-67913?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit