Unrated severityNVD Advisory· Published Aug 19, 2025· Updated Aug 19, 2025

CVE-2025-51529

Description

Incorrect Access Control in the AJAX endpoint functionality in jonkastonka Cookies and Content Security Policy plugin through version 2.29 allows remote attackers to cause a denial of service (database server resource exhaustion) via unlimited database write operations to the wp_ajax_nopriv_cacsp_insert_consent_data endpoint.

Affected products

jonkastonka/jonkastonka Cookies and Content Security Policy plugindescription

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

cookies.commitre
johan.commitre
gist.github.com/piotrmaciejbednarski/f738145c0ab24a110649dc16907e395bmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000