CVE-2025-59112 represents a Cross-Site Request Forgery (CSRF) vulnerability affecting Windu CMS. This flaw allows an attacker to trigger unintended actions on behalf of an authenticated user, specifically the deletion of user accounts. The vulnerability impacts versions 0 through 4.1, and a fix is available in version 4.1 build 2250.
An attacker can exploit this CSRF vulnerability by crafting a malicious website. When a logged-in Windu CMS user visits this website, a hidden POST request will be sent to the CMS, resulting in the deletion of the user's account. This could lead to denial of service for the affected user and potentially compromise the integrity of the CMS if the deleted user had administrative privileges. The blast radius is limited to users who are logged into the CMS and visit the malicious site, but the impact on individual users can be significant.
This vulnerability was publicly disclosed on 2025-11-18. There are currently no known public proof-of-concept exploits available. The vulnerability is not listed on the CISA KEV catalog at the time of writing. Active exploitation is currently unconfirmed.
Administrators and users of Windu CMS installations running versions 0 through 4.1 are at risk. Shared hosting environments using Windu CMS are particularly vulnerable, as they may be more difficult to patch quickly. Users with administrative privileges are at higher risk due to the potential for account compromise.
• wordpress / composer / npm:
grep -r "/admin/user_edit.php" .   # locate references to the user edit page, then review the form for a CSRF token field
• generic web:
curl -s https://your-windu-cms-site.com/admin/user_edit.php | grep -i 'csrf'   # fetch the page body (not just headers) and look for a CSRF token field
Exploitation status: EPSS 0.03% (7th percentile).
The primary mitigation for CVE-2025-59112 is to upgrade Windu CMS to version 4.1 build 2250 or later. If upgrading is not immediately feasible, consider implementing CSRF protection mechanisms such as adding CSRF tokens to all forms and sensitive endpoints. Web Application Firewalls (WAFs) can be configured to detect and block suspicious POST requests. After upgrading, confirm the vulnerability is resolved by attempting to delete a test user account via a crafted CSRF request.
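The workaround above (a per-session CSRF token on every state-changing endpoint) is shown below as an added example. It is not Windu CMS code and does not reproduce the project's fix; the origin `cms.example.test`, the `Session`/`Request` models, and the `handle_user_edit` handler are constructed stand-ins for a delete-user action behind `/admin/user_edit.php`. The handler rejects a forged cross-site POST twice over: the browser-supplied `Origin` header does not match the site, and the request cannot carry the session token because a third-party page cannot read the CMS's HTML.

```python
"""CSRF protection for a state-changing endpoint (synchronizer token pattern).

Added illustrative example; not Windu CMS code. Models the class of fix the
advisory describes: a delete-user action that only succeeds when the request
carries a per-session secret that a page on another origin cannot obtain.
"""
import hmac
import secrets
from dataclasses import dataclass, field

SITE_ORIGIN = "https://cms.example.test"  # constructed placeholder origin


@dataclass
class Session:
    """Server-side session state for one logged-in user (constructed model)."""
    user_id: int
    csrf_token: str = field(default_factory=lambda: secrets.token_urlsafe(32))


@dataclass
class Request:
    """Minimal model of an incoming HTTP request (constructed model)."""
    method: str
    form: dict
    headers: dict = field(default_factory=dict)


def render_delete_form(session: Session, target_user: int) -> str:
    """Emit the form the CMS would serve to a logged-in user.

    The hidden token is bound to the session; the same-origin policy stops a
    page on another origin from reading it out of our HTML."""
    return (
        '<form method="post" action="/admin/user_edit.php">'
        f'<input type="hidden" name="csrf_token" value="{session.csrf_token}">'
        f'<input type="hidden" name="delete_user" value="{target_user}">'
        "<button>Delete</button></form>"
    )


def same_origin(headers: dict) -> bool:
    """Defence in depth: require Origin (or, failing that, Referer) to match us.

    Browsers attach Origin to cross-site POSTs, so a request launched from a
    third-party page fails here before the token is even examined."""
    origin = headers.get("Origin")
    if origin is not None:
        return origin == SITE_ORIGIN
    referer = headers.get("Referer")
    if referer is not None:
        return referer.startswith(SITE_ORIGIN + "/")
    return False  # neither header present: reject rather than guess


def handle_user_edit(session: Session, req: Request, users: set) -> tuple:
    """Process /admin/user_edit.php and return (status_code, message).

    Deletion happens only for a POST that passes the origin check and a
    constant-time comparison of the submitted token against the session's."""
    if req.method != "POST":
        return 405, "method not allowed"
    if not same_origin(req.headers):
        return 403, "cross-origin request rejected"
    submitted = str(req.form.get("csrf_token", "")).encode()
    if not hmac.compare_digest(submitted, session.csrf_token.encode()):
        return 403, "missing or invalid CSRF token"
    try:
        target = int(req.form.get("delete_user", ""))
    except ValueError:
        return 400, "bad target"
    if target not in users:
        return 404, "no such user"
    users.remove(target)
    return 200, f"user {target} deleted"


def demo() -> dict:
    """Run one legitimate deletion and two forged attempts; return outcomes."""
    users = {1, 2, 3}
    session = Session(user_id=1)
    # Legitimate submission of the form rendered by render_delete_form()
    legit = Request("POST", {"csrf_token": session.csrf_token, "delete_user": 3},
                    {"Origin": SITE_ORIGIN})
    # Auto-submitted form on another site: browser sets Origin, token is absent
    forged = Request("POST", {"delete_user": 2},
                     {"Origin": "https://other-site.example.test"})
    # Same-site looking request with a guessed token: fails the token check
    guessed = Request("POST", {"csrf_token": "A" * 43, "delete_user": 2},
                      {"Referer": SITE_ORIGIN + "/admin/"})
    return {
        "legit": handle_user_edit(session, legit, users),
        "forged": handle_user_edit(session, forged, users),
        "guessed": handle_user_edit(session, guessed, users),
        "users": users,
    }


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(name, outcome)
```

The token must be regenerated on login and compared with a constant-time function so that timing does not leak it; marking the session cookie `SameSite=Lax` (or `Strict`) adds a third, browser-enforced layer, since the cookie is then not sent with cross-site POSTs at all.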
Update Windu CMS to version 4.1 build 2250 or later. This update fixes the cross-site request forgery (CSRF) vulnerability in the user edit function. Once updated, unauthorized deletion of users by a malicious attacker is prevented.
CVE-2025-59112 is a Cross-Site Request Forgery (CSRF) vulnerability in Windu CMS that allows attackers to delete user accounts.
You are affected if you are using Windu CMS versions 0 through 4.1. Upgrade to 4.1 build 2250 to resolve the issue.
Upgrade Windu CMS to version 4.1 build 2250. As a temporary workaround, implement CSRF protection mechanisms like adding CSRF tokens to forms.
There are currently no confirmed reports of active exploitation, but it's crucial to apply the patch promptly.
Refer to the Windu CMS official website or security advisories for the latest information and updates regarding this vulnerability.