PoC details: a3811b7312f0afecd0378d9b14dab1d49b3ce026

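Source
Related vulnerability
Title: WordPress plugin Quentn WP security vulnerability (CVE-2025-39596)
Description: WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in PHP. The platform supports setting up personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. WordPress plugin Quentn WP versions 1.2.8 and earlier contain a security vulnerability that stems from weak authentication and may lead to privilege escalation.
Description
Quentn WP <= 1.2.8 - Unauthenticated Privilege Escalation
Introduction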
# CVE-2025-39596
Quentn WP <= 1.2.8 - Unauthenticated Privilege Escalation
# 🚨 Quentn WP <= 1.2.8 - Unauthenticated Privilege Escalation

## 📝 Description

The **Quentn WP** plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, **1.2.8**. This allows **unauthenticated attackers** to escalate their privileges to **administrator** level.

- **CVE:** `CVE-2025-39596`
- **CVSS:** `9.8 (Critical)`

---

## 💻 Exploit Script Description

This repository contains a Python exploit for CVE-2025-39596, allowing the creation of a new WordPress admin user **without authentication** using a crafted API request.

**Features:**
- HTTP/HTTPS auto-detection
- Advanced randomization & evasion headers
- Proxy, cookie, SSL-bypass, and header-bypass support
- Clean modular structure for easy tweaking

---

## ⚙️ Usage

```bash
python3 CVE-2025-39596.py -u <target_url> -e <email> [options]
```

**Required Arguments:**
- `-u`, `--url`: Target WordPress site URL (e.g., http://127.0.0.1/wordpress)
- `-e`, `--email`: Email for the new admin account

**Optional Arguments:**
- `-f`, `--fname`: First name (default: Pwn)
- `-l`, `--lname`: Last name (default: Admin)
- `-r`, `--role`: Role to assign (default: administrator)
- `-k`, `--key`: Quentn API key if known
- `--cookie`: Cookie for authenticated bypass if available
- `--proxy`: Proxy support (e.g., http://127.0.0.1:8080)
- `--skip-ssl`: Skip SSL verification
- `--extra`: Enable extra evasion headers

**Example:**
```bash
python3 CVE-2025-39596.py -u http://target.com/wordpress -e hacked@attacker.com --fname Root --lname User --proxy http://127.0.0.1:8080 --extra
```

---

## 📤 Output

- On **Success**:  
  `Exploit Success By | Nxploited`
- On **Failure**:  
  Shows the HTTP status code and response message for troubleshooting.

---

## ⚠️ Disclaimer

This tool is provided **for educational and authorized security testing purposes only**.  
**Any misuse is strictly prohibited.**  
The author is **not responsible** for any damage or misuse caused by this code.

---

**_By: Nxploited ( Khaled Alenazi )_**
File snapshot

```
[4.0K] /data/pocs/a3811b7312f0afecd0378d9b14dab1d49b3ce026
├── [6.2K] CVE-2025-39596.py
├── [1.5K] LICENSE
├── [2.4K] README.md
└── [ 17] requirements.txt

0 directories, 4 files
```