CyberRota
← Ana sayfaya dön

CVE-2026-15982

CRITICAL · CVSS 9.8

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-07-17T06:16:36.560 · Çekilme zamanı: 2026-07-17T12:06:42.650302+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

CVE
CVE-2026-15982
Severity
CRITICAL
CVSS
9.8
EPSS
Yok
WordPress

Orijinal NVD Açıklaması

The Aimogen Pro - All-in-One AI Content Writer, Editor, ChatBot & Automation Toolkit plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.8.4. This is due to due to a missing capability check on the 'aiomatic_call_google_ai_function' function. This makes it possible for unauthenticated attackers to leverage the 'aimogen_wp_god_mode' tool to clear function blacklists and execute arbitrary PHP functions, such as creating administrator accounts.