The Aimogen Pro - All-in-One AI Content Writer, Editor, ChatBot & Automation Toolkit plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.8.4. This is due to due to a missing capability check on the 'aiomatic_call_google_ai_function' function. This makes it possible for unauthenticated attackers to leverage the 'aimogen_wp_god_mode' tool to clear function blacklists and execute arbitrary PHP functions, such as creating administrator accounts.
Metrics
Affected Vendors & Products
References
History
Fri, 17 Jul 2026 07:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Coderevolution
Coderevolution aimogen Pro - All-in-one Ai Content Writer, Editor, Chatbot & Automation Toolkit Wordpress Wordpress wordpress |
|
| Vendors & Products |
Coderevolution
Coderevolution aimogen Pro - All-in-one Ai Content Writer, Editor, Chatbot & Automation Toolkit Wordpress Wordpress wordpress |
Fri, 17 Jul 2026 05:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | The Aimogen Pro - All-in-One AI Content Writer, Editor, ChatBot & Automation Toolkit plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.8.4. This is due to due to a missing capability check on the 'aiomatic_call_google_ai_function' function. This makes it possible for unauthenticated attackers to leverage the 'aimogen_wp_god_mode' tool to clear function blacklists and execute arbitrary PHP functions, such as creating administrator accounts. | |
| Title | Aimogen Pro - All-in-One AI Content Writer, Editor, ChatBot & Automation Toolkit <= 2.8.4 - Unauthenticated Privilege Escalation via 'aiomatic_call_google_ai_function' | |
| Weaknesses | CWE-269 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: Wordfence
Published:
Updated: 2026-07-17T05:35:58.570Z
Reserved: 2026-07-16T17:05:25.189Z
Link: CVE-2026-15982
No data.
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-17T07:00:07Z