CVE-2025-59112: CSRF in Windu CMS User Editing

Platform

php

Component

windu-cms

Fixed in

4.1.1

AI Confidence: high | NVD | EPSS 0.0% | Reviewed: May 2026

CVE-2025-59112 is a Cross-Site Request Forgery (CSRF) vulnerability affecting Windu CMS. This flaw allows an attacker to trigger unintended actions on behalf of an authenticated user, specifically the deletion of user accounts. The vulnerability impacts versions 0 through 4.1, and a fix is available in version 4.1 build 2250.

Impact and Attack Scenarios

An attacker can exploit this CSRF vulnerability by crafting a malicious website. When a logged-in Windu CMS user visits this website, a hidden POST request will be sent to the CMS, resulting in the deletion of the user's account. This could lead to denial of service for the affected user and potentially compromise the integrity of the CMS if the deleted user had administrative privileges. The blast radius is limited to users who are logged into the CMS and visit the malicious site, but the impact on individual users can be significant.

Exploitation Context

This vulnerability was publicly disclosed on 2025-11-18. There are currently no known public proof-of-concept exploits available. The vulnerability is not listed on the CISA KEV catalog at the time of writing. Active exploitation is currently unconfirmed.

Threat Intelligence

Exploit Status

Proof of Concept: Unknown
CISA KEV: No

EPSS

0.03% (7% percentile)

CISA SSVC

Exploitation: none
Automatable: no
Technical Impact: partial

Affected Software

Component: windu-cms
Vendor: JCD
Affected range: 4.0.0 – 4.1.0
Fixed in: 4.1.1

Weakness Classification (CWE)

Timeline

  1. Reserved
  2. Published
  3. Modified
  4. EPSS updated

Mitigation and Workarounds

The primary mitigation for CVE-2025-59112 is to upgrade Windu CMS to version 4.1 build 2250 or later. If upgrading is not immediately feasible, consider implementing CSRF protection mechanisms such as adding CSRF tokens to all forms and sensitive endpoints. Web Application Firewalls (WAFs) can be configured to detect and block suspicious POST requests. After upgrading, confirm the vulnerability is resolved by attempting to delete a test user account via a crafted CSRF request.
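The token-based protection suggested above, as an added illustration that is not Windu CMS's own code: a synchronizer token is minted per session, embedded in the delete form, and checked in constant time before the user-deletion handler runs, with a SameSite cookie and an Origin check as defence in depth. The endpoint path, parameter names and deleteUser() are assumptions, not the CMS's real identifiers.

```php
<?php
// Added example (not Windu CMS code): synchronizer-token CSRF protection for
// a state-changing "delete user" POST handler. Path, parameter names and
// deleteUser() are assumptions standing in for the CMS's real identifiers.
declare(strict_types=1);

session_start([
    'cookie_httponly' => true,
    'cookie_secure'   => true,
    'cookie_samesite' => 'Lax', // browsers withhold the cookie on cross-site POSTs
]);

// One secret per session, minted lazily: 32 random bytes as 64 hex chars.
function csrfToken(): string
{
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// Constant-time compare so a wrong guess leaks nothing about the real token.
function csrfTokenIsValid(?string $submitted): bool
{
    return is_string($submitted)
        && isset($_SESSION['csrf_token'])
        && hash_equals($_SESSION['csrf_token'], $submitted);
}

// Defence in depth: if the browser sends Origin, it must name our own host.
// Absence is tolerated only because the token above is always mandatory.
function originIsTrusted(array $server, string $ownHost): bool
{
    $origin = $server['HTTP_ORIGIN'] ?? '';
    return $origin === '' || parse_url($origin, PHP_URL_HOST) === $ownHost;
}

function deleteUser(int $id): void { /* stands in for the CMS's own removal routine */ }

if ($_SERVER['REQUEST_METHOD'] === 'POST' && ($_POST['action'] ?? '') === 'delete_user') {
    if (!csrfTokenIsValid($_POST['csrf_token'] ?? null)
        || !originIsTrusted($_SERVER, 'cms.example.com')) {
        http_response_code(403);
        error_log('CSRF check failed for delete_user from ' . ($_SERVER['REMOTE_ADDR'] ?? '?'));
        exit('Request rejected.');
    }
    deleteUser((int) ($_POST['user_id'] ?? 0));
    exit('User deleted.');
}

// Legitimate form: the token rides in a hidden field, never in the URL.
printf('<form method="post" action="/admin/users.php"><input type="hidden" name="action" value="delete_user">'
     . '<input type="hidden" name="csrf_token" value="%s"><input type="hidden" name="user_id" value="%d">'
     . '<button>Delete user</button></form>', htmlspecialchars(csrfToken(), ENT_QUOTES), 42);
```

A forged cross-site POST carries neither the session's token nor a matching Origin, so it is rejected with 403 and logged before any deletion logic runs.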

How to fix

Update Windu CMS to version 4.1 build 2250 or higher. This update corrects the Cross-Site Request Forgery (CSRF) vulnerability in the user editing functionality. Updating prevents a malicious attacker from deleting users without authorization.


Frequently asked questions

What is CVE-2025-59112 — CSRF in Windu CMS?

CVE-2025-59112 is a Cross-Site Request Forgery (CSRF) vulnerability in Windu CMS that allows attackers to delete user accounts.

Am I affected by CVE-2025-59112 in Windu CMS?

You are affected if you are using Windu CMS versions 0 through 4.1. Upgrade to 4.1 build 2250 to resolve the issue.

How do I fix CVE-2025-59112 in Windu CMS?

Upgrade Windu CMS to version 4.1 build 2250. As a temporary workaround, implement CSRF protection mechanisms like adding CSRF tokens to forms.

Is CVE-2025-59112 being actively exploited?

There are currently no confirmed reports of active exploitation, but it's crucial to apply the patch promptly.

Where can I find the official Windu CMS advisory for CVE-2025-59112?

Refer to the Windu CMS official website or security advisories for the latest information and updates regarding this vulnerability.
