CVE-2026-2468

Name of the Vulnerable Software and Affected Versions Quentn WP plugin for WordPress versions through 1.2.12

Description The Quentn WP plugin for WordPress is susceptible to SQL Injection due to inadequate input sanitization and insufficient SQL query preparation. Specifically, the vulnerability resides in the get user access() method and affects the qntn wp access cookie. This allows unauthenticated attackers to inject additional SQL queries, potentially leading to the extraction of sensitive information from the database.

Recommendations Update the Quentn WP plugin to a version later than 1.2.12.