CVE-2025-59114

Name of the Vulnerable Software and Affected Versions Windu CMS version 4.1 Windu CMS (affected versions not specified)

Description Windu CMS is susceptible to a Cross-Site Request Forgery (CSRF) issue within its file uploading functionality. A malicious actor can create a specially crafted website that, when accessed by a victim, will automatically send a malicious file to the server. The vendor was informed of this issue but did not provide details regarding vulnerable versions.

Recommendations Apply a fix for Windu CMS version 4.1. For other versions, apply a fix when available.