PT-2026-60718 · Coderevolution · Aimogen Pro - All-In-One Ai Content Writer

·

CVE-2026-15982

·

Publicado

2026-07-17

·

Atualizado

2026-07-17

CVSS v3.1

9.8

Crítica

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
The Aimogen Pro - All-in-One AI Content Writer, Editor, ChatBot & Automation Toolkit plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.8.4. This is due to due to a missing capability check on the 'aiomatic call google ai function' function. This makes it possible for unauthenticated attackers to leverage the 'aimogen wp god mode' tool to clear function blacklists and execute arbitrary PHP functions, such as creating administrator accounts.

Correção

Improper Privilege Management

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

Enumeração de Fraquezas

Identificadores relacionados

CVE-2026-15982

Produtos afetados

Aimogen Pro - All-In-One Ai Content Writer