Privilege Escalation Vulnerability in Aimogen Pro Plugin for WordPress
CVE-2026-15982
9.8CRITICAL
Key Information:
- Vendor
WordPress
- Vendor
- CVE Published:
- 17 July 2026
What is CVE-2026-15982?
The Aimogen Pro plugin for WordPress, utilized for various AI-driven content solutions, has a vulnerability that allows privilege escalation. This issue stems from a missing capability check in the 'aiomatic_call_google_ai_function' function, which can be exploited by unauthenticated attackers. By utilizing the 'aimogen_wp_god_mode' tool, these attackers can bypass restrictions on function execution, leading to the possibility of creating unauthorized administrator accounts and executing arbitrary PHP functions on affected WordPress installations.
Affected Version(s)
Aimogen Pro - All-in-One AI Content Writer, Editor, ChatBot & Automation Toolkit 0 <= 2.8.4