Platform
php
Component
windu-cms
Fixed in
4.1.1
CVE-2025-59112 is a Cross-Site Request Forgery (CSRF) vulnerability in Windu CMS. The flaw lets an attacker trigger an unintended action on behalf of an authenticated user, specifically the deletion of a user account. All versions up to and including 4.1 are affected; a fix is available in version 4.1 build 2250.
An attacker exploits the flaw by hosting a malicious web page. When a logged-in Windu CMS user visits that page, it silently issues a POST request to the CMS (for example from a hidden, auto-submitted form), and the browser attaches the victim's session cookie, so the CMS treats the request as a legitimate action by that user and deletes the account. The affected user is locked out, and if the victim held administrative privileges the integrity of the CMS as a whole is at risk. The blast radius is limited to users who are logged into the CMS while visiting the malicious page, but the impact on each such user is significant.
This vulnerability was publicly disclosed on 2025-11-18. There are currently no known public proof-of-concept exploits available. The vulnerability is not listed on the CISA KEV catalog at the time of writing. Active exploitation is currently unconfirmed.
Exploit Status
EPSS: 0.03% (7th percentile)
CISA SSVC
The primary mitigation for CVE-2025-59112 is to upgrade Windu CMS to version 4.1 build 2250 or later. If upgrading is not immediately feasible, reduce exposure at the layers you control: have the CMS session cookie issued with the SameSite attribute set to Lax or Strict (in PHP this is the session.cookie_samesite ini setting) so browsers do not attach it to cross-site POSTs, and have a reverse proxy or WAF in front of the CMS reject POST requests to the user-management endpoints whose Origin or Sec-Fetch-Site header does not match the site itself. Generic "suspicious POST" WAF rules are unlikely to help, because a forged request is identical to a legitimate one apart from those headers. Per-session CSRF tokens on the vulnerable form are the proper fix, but adding them means changing the CMS code, which is what the vendor update does. After upgrading, confirm the fix by hosting a test page on a different origin that auto-submits the delete request for a disposable test account while you are logged in; the account should no longer be deleted.
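The two server-side checks described above (Origin / Fetch Metadata validation, then a per-session synchronizer token), with the forged request shaped like the attack in the description, as an added Python illustration. This is not Windu CMS code, which is PHP, where the same logic would read $_SERVER['HTTP_ORIGIN'] and $_SERVER['HTTP_SEC_FETCH_SITE'] and compare tokens with hash_equals(). The CMS origin, the `_csrf` field name, the form fields and the session id are all assumptions, and every request below is constructed for the example.

```python
"""Rejecting a forged cross-site POST (added example, not Windu CMS code).

The delete-user form fields, the `_csrf` field name, the CMS origin and the
session layout are assumptions chosen for illustration.
"""
import hashlib
import hmac
import secrets

SITE_ORIGIN = "https://cms.example.test"   # assumed origin the CMS is served from
TOKEN_FIELD = "_csrf"                      # assumed hidden form field carrying the token
SESSION_SECRET = secrets.token_bytes(32)   # constructed: server-side secret, never sent to clients
SESSION_ID = "sess-4f9a"                   # constructed: id from the victim's session cookie


def issue_token(session_id: str) -> str:
    """Synchronizer token bound to one session: HMAC(secret, session id).

    The CMS would embed this in its own forms; a page on another origin
    cannot read it because of the same-origin policy, so it cannot forge it."""
    return hmac.new(SESSION_SECRET, session_id.encode(), hashlib.sha256).hexdigest()


def csrf_check(method: str, headers: dict, form: dict, session_id: str):
    """Return (allowed, reason) for a request that may change state.

    Layer 1: Fetch Metadata / Origin. Browsers stamp cross-site form posts
    with Sec-Fetch-Site: cross-site and the attacker's Origin, and an
    attacker's page cannot override either header.
    Layer 2: synchronizer token, which also covers clients that send
    neither header (older browsers, non-browser tools).
    """
    if method.upper() in ("GET", "HEAD", "OPTIONS"):
        return True, "safe method, no state change expected"
    hdrs = {k.lower(): v for k, v in headers.items()}

    sec_fetch_site = hdrs.get("sec-fetch-site")
    if sec_fetch_site is not None and sec_fetch_site not in ("same-origin", "none"):
        return False, f"Sec-Fetch-Site is {sec_fetch_site}"

    origin = hdrs.get("origin")
    if origin is not None and origin != SITE_ORIGIN:
        return False, f"Origin {origin} does not match {SITE_ORIGIN}"

    expected = issue_token(session_id)
    supplied = form.get(TOKEN_FIELD, "")
    # constant-time comparison so a wrong token cannot be probed byte by byte
    if not hmac.compare_digest(supplied, expected):
        return False, "missing or invalid CSRF token"
    return True, "ok"


def legitimate_request() -> dict:
    """Constructed: what the CMS's own user-edit form submits."""
    return {
        "method": "POST",
        "headers": {"Origin": SITE_ORIGIN, "Sec-Fetch-Site": "same-origin"},
        "form": {"action": "delete_user", "user_id": "42",
                 TOKEN_FIELD: issue_token(SESSION_ID)},
    }


def forged_request() -> dict:
    """Constructed: what a hidden, auto-submitted <form method="POST"> on
    https://attacker.example produces in the victim's browser. The session
    cookie rides along, but the token is absent and the request headers
    name the attacker's site."""
    return {
        "method": "POST",
        "headers": {"Origin": "https://attacker.example", "Sec-Fetch-Site": "cross-site"},
        "form": {"action": "delete_user", "user_id": "42"},
    }


def legacy_client_without_token() -> dict:
    """Constructed: a client that sends neither Fetch Metadata nor Origin
    and guesses at the token; only layer 2 can stop it."""
    return {
        "method": "POST",
        "headers": {},
        "form": {"action": "delete_user", "user_id": "42", TOKEN_FIELD: "00" * 32},
    }


def evaluate(req: dict):
    """Run the check against a constructed request dict."""
    return csrf_check(req["method"], req["headers"], req["form"], SESSION_ID)


if __name__ == "__main__":
    for name, req in (("legitimate", legitimate_request()),
                      ("forged", forged_request()),
                      ("legacy, no token", legacy_client_without_token())):
        allowed, reason = evaluate(req)
        print(f"{name:17} -> {'ALLOW' if allowed else 'REJECT'} ({reason})")
```

The forged request is also the shape to replay when verifying an upgrade: serve a page on another origin that auto-submits those form fields to the CMS while logged in, and confirm the test account survives. The header checks alone are not sufficient on their own, since some clients omit them, which is why the token check runs even when the headers pass.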
Update Windu CMS to version 4.1 build 2250 or higher. This update corrects the Cross-Site Request Forgery (CSRF) vulnerability in the user editing functionality. Updating prevents a malicious attacker from deleting users without authorization.
CVE-2025-59112 is a Cross-Site Request Forgery (CSRF) vulnerability in Windu CMS that allows attackers to delete user accounts.
You are affected if you are using Windu CMS versions 0 through 4.1. Upgrade to 4.1 build 2250 to resolve the issue.
Upgrade Windu CMS to version 4.1 build 2250. Until you can, set the SameSite attribute on the CMS session cookie and block cross-site POSTs to the user-management endpoints at a reverse proxy or WAF; adding proper CSRF tokens to the form requires the vendor's code change.
There are currently no confirmed reports of active exploitation, but it's crucial to apply the patch promptly.
Refer to the Windu CMS official website or security advisories for the latest information and updates regarding this vulnerability.