CVE-2026-15982
Gravedad CVSS v3.1:
CRÍTICA
Tipo:
CWE-269
Gestión de privilegios incorrecta
Fecha de publicación:
17/07/2026
Última modificación:
17/07/2026
Descripción
*** Pendiente de traducción *** The Aimogen Pro - All-in-One AI Content Writer, Editor, ChatBot & Automation Toolkit plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.8.4. This is due to due to a missing capability check on the 'aiomatic_call_google_ai_function' function. This makes it possible for unauthenticated attackers to leverage the 'aimogen_wp_god_mode' tool to clear function blacklists and execute arbitrary PHP functions, such as creating administrator accounts.
Impacto
Puntuación base 3.x
9.80
Gravedad 3.x
CRÍTICA



