PT-2025-33736 · WordPress · Jonkastonka Cookies/Content Security Policy
Piotrmaciejbednarski · Published 2025-08-19 · Updated 2025-10-21 · CVE-2025-51529
CVSS v3.1: 5.3 (Medium)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions:
jonkastonka Cookies and Content Security Policy plugin versions through 2.29
Description:
Incorrect access control in the AJAX endpoint functionality allows remote attackers to cause a denial of service (database server resource exhaustion) via unlimited database write operations to the wp_ajax_nopriv_cacsp_insert_consent_data endpoint.
Recommendations:
Update jonkastonka Cookies and Content Security Policy plugin to a version later than 2.29.
Exploit
Fix
DoS
Improper Access Control
Affected Products
Jonkastonka Cookies/Content Security Policy