CVE-2025-51529
BaseFortify
Publication date: 2025-08-19
Last updated on: 2025-10-21
Assigner: MITRE
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| followmedarling | cookies_and_content_security_policy | up to 2.29 (inclusive) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-51529 is an Incorrect Access Control vulnerability in the jonkastonka Cookies and Content Security Policy WordPress plugin (versions through 2.29). It allows remote attackers to exploit an AJAX endpoint (wp_ajax_nopriv_cacsp_insert_consent_data) without authentication to send unlimited POST requests that insert cookie consent data into the database. This leads to excessive database write operations, causing resource exhaustion of the database server and resulting in a denial of service (DoS). [1, 2]
How can this vulnerability impact me?
This vulnerability can impact you by causing a denial of service (DoS) on your WordPress site using the affected plugin. Attackers can overwhelm your database server by repeatedly sending POST requests that insert data, exhausting CPU and disk I/O resources. This can lead to service disruption, making your website unavailable to legitimate users. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for excessive or unusual POST requests to the WordPress AJAX endpoint `/wp-admin/admin-ajax.php` with the parameter `action=cacsp_insert_consent_data`. Network or web server logs can be inspected for a high volume of such requests, especially from unauthenticated sources. A practical approach is to use command-line tools like `grep` or `awk` on access logs to filter these requests. For example, you can run: `grep 'POST /wp-admin/admin-ajax.php' /var/log/apache2/access.log | grep 'action=cacsp_insert_consent_data'` to identify suspicious traffic. Additionally, monitoring database growth or CPU/disk I/O spikes related to the database server may indicate exploitation attempts. [1, 2]
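As an added example (not part of the original record), the following Python script applies the log-based detection idea above to web server access-log lines. Because the action parameter of admin-ajax.php is normally carried in the POST body, which common access-log formats do not record, the script counts every POST to admin-ajax.php per client address inside a sliding window and flags bursts, matching the action name only when it happens to appear in the query string; the log lines, addresses and threshold are constructed for the example.

```python
import re
from collections import defaultdict
from datetime import datetime

# Combined/common access-log format: client, identity, user, [timestamp], "request", status, size.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)
TARGET = "/wp-admin/admin-ajax.php"
ACTION = "cacsp_insert_consent_data"  # action name from the advisory text

def parse_line(line):
    """Return a dict with ip/ts/method/path, or None if the line is not in the expected format."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")
    return {"ip": m.group("ip"), "ts": ts, "method": m.group("method"), "path": m.group("path")}

def is_candidate(entry):
    # Only POSTs to admin-ajax.php matter. The action is usually in the POST body, which the
    # access log does not contain, so require it only when a query string is present at all.
    if entry["method"] != "POST":
        return False
    path, _, query = entry["path"].partition("?")
    return path == TARGET and (not query or f"action={ACTION}" in query)

def find_bursts(lines, threshold=20, window_s=60):
    """Return {ip: peak_count} for clients exceeding `threshold` candidate POSTs in any `window_s` span."""
    per_ip = defaultdict(list)
    for line in lines:
        e = parse_line(line)
        if e and is_candidate(e):
            per_ip[e["ip"]].append(e["ts"])
    flagged = {}
    for ip, times in per_ip.items():
        times.sort()
        start = 0
        for end in range(len(times)):  # sliding window over sorted timestamps
            while (times[end] - times[start]).total_seconds() > window_s:
                start += 1
            if end - start + 1 >= threshold:
                flagged[ip] = max(flagged.get(ip, 0), end - start + 1)
    return flagged

def sample_log():
    """Constructed sample: 25 POSTs in 25 seconds from one client, plus normal traffic from another."""
    lines = [f'203.0.113.5 - - [19/Aug/2025:10:00:{i:02d} +0000] "POST {TARGET} HTTP/1.1" 200 31 "-" "curl/8.0"'
             for i in range(25)]
    lines.append(f'198.51.100.7 - - [19/Aug/2025:10:00:05 +0000] "POST {TARGET}?action={ACTION} HTTP/1.1" 200 31 "-" "Mozilla/5.0"')
    lines.append(f'198.51.100.7 - - [19/Aug/2025:10:00:06 +0000] "GET {TARGET}?action=heartbeat HTTP/1.1" 200 31 "-" "Mozilla/5.0"')
    lines.append(f'198.51.100.7 - - [19/Aug/2025:10:00:07 +0000] "POST {TARGET}?action=heartbeat HTTP/1.1" 200 31 "-" "Mozilla/5.0"')
    return lines
```

Run `find_bursts(open("/var/log/apache2/access.log"))` against a real log and tune `threshold` and `window_s` to the site's normal admin-ajax.php rate before alerting on the result.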
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to the vulnerable AJAX endpoint `/wp-admin/admin-ajax.php` for unauthenticated users, for example by implementing firewall rules or web application firewall (WAF) rules to block or rate-limit POST requests with `action=cacsp_insert_consent_data`. Another step is to update or patch the jonkastonka Cookies and Content Security Policy plugin to a version beyond 2.29 if available. If patching is not immediately possible, disabling the plugin or the vulnerable functionality temporarily can prevent exploitation. Monitoring and alerting on unusual request patterns and database resource usage is also recommended. [2]