CVE-2025-39596CriticalConfirmedExploit available
Share link
Anyone with the link can open this vulnerability.
Weak Authentication vulnerability in Quentn.com GmbH Quentn WP allows Privilege Escalation. This issue affects Quentn WP: from n/a through …
CVSS
9.8
Critical
EPSS
0.00
p38
Published
2025-01-01
Updated
2025-01-01
Description
Weak Authentication vulnerability in Quentn.com GmbH Quentn WP allows Privilege Escalation. This issue affects Quentn WP: from n/a through 1.2.8.
Tags · CWE
Pre-auth
CWE-1390
CWE-1390ClassIncomplete
Weak Authentication
The product uses an authentication mechanism to restrict access to specific users or identities, but the mechanism does not sufficiently prove that the claimed identity is correct.
https://cwe.mitre.org/data/definitions/1390.html →Open in CWE collection →CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Timeline
2025-01-01
Published
2025-01-01
Updated
CVSS 3.1 breakdown
Attack Vector
AV: N
Network (N)
Attack Complexity
AC: L
Low (L)
Privileges Required
PR: N
None (N)
User Interaction
UI: N
None (N)
Scope
S: U
Unchanged (U)
Confidentiality Impact
C: H
High (H)
Integrity Impact
I: H
High (H)
Availability Impact
A: H
High (H)
Exploit indicators
EPSS
0.005 · p38
Known exploited (KEV)
No
Known exploits — Сканер-ВС
CVE-2025-39596
github-poc · https://github.com/Nxploited/CVE-2025-39596
No vulnerabilities match your filters.