PT-2025-47309 · Windu Cms · Windu Cms

Karol Czubernat · Published 2025-11-18 · Updated 2025-12-05 · CVE-2025-59111

CVSS v4.0: 6.9 (Medium)

Vector: AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions

Windu CMS version 4.1
Windu CMS (affected versions not specified)

Description

Windu CMS has a flaw related to access control in the user editing feature. An attacker with sufficient privileges can send a GET request to delete Super Admins, a function not normally accessible through the graphical user interface. The vendor was informed of this issue but did not provide details about vulnerable versions.

Recommendations

Apply any available updates or patches for Windu CMS version 4.1. For other versions, implement strict access controls and regularly review user privileges.

Fix

Weakness Enumeration

Incorrect Authorization

Related Identifiers

CVE-2025-59111

Affected Products

Windu Cms