Unauthorized Data Modification in Genolve AI Image and Video Generation Plugin by WordPress
CVE-2026-1359
8.8HIGH
Key Information:
- Vendor
WordPress
- Vendor
- CVE Published:
- 11 July 2026
What is CVE-2026-1359?
The Genolve β AI image AI video generation plugin for WordPress is susceptible to unauthorized data modification due to a lack of necessary capability checks in its genolve_setOpt() function. This flaw affects all versions up to and including 5.0.5, allowing authenticated attackers with Contributor-level access or higher to change essential WordPress options. Such changes can potentially enable user registration and grant unauthorized roles, including elevating a user's privileges to that of an administrator.
Affected Version(s)
Genolve β Genolve AI Business Graphics, AI Images 0 <= 5.0.5