The Aimogen Pro - All-in-One AI Content Writer, Editor, ChatBot & Automation Toolkit plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.8.4. This is due to due to a missing capability check on the 'aiomatic_call_google_ai_function' function. This makes it possible for unauthenticated attackers to leverage the 'aimogen_wp_god_mode' tool to clear function blacklists and execute arbitrary PHP functions, such as creating administrator accounts.
Project Subscriptions
Advisories
No advisories yet.
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Fri, 17 Jul 2026 10:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Fri, 17 Jul 2026 07:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Coderevolution
Coderevolution aimogen Pro - All-in-one Ai Content Writer, Editor, Chatbot & Automation Toolkit Wordpress Wordpress wordpress |
|
| Vendors & Products |
Coderevolution
Coderevolution aimogen Pro - All-in-one Ai Content Writer, Editor, Chatbot & Automation Toolkit Wordpress Wordpress wordpress |
Fri, 17 Jul 2026 05:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | The Aimogen Pro - All-in-One AI Content Writer, Editor, ChatBot & Automation Toolkit plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.8.4. This is due to due to a missing capability check on the 'aiomatic_call_google_ai_function' function. This makes it possible for unauthenticated attackers to leverage the 'aimogen_wp_god_mode' tool to clear function blacklists and execute arbitrary PHP functions, such as creating administrator accounts. | |
| Title | Aimogen Pro - All-in-One AI Content Writer, Editor, ChatBot & Automation Toolkit <= 2.8.4 - Unauthenticated Privilege Escalation via 'aiomatic_call_google_ai_function' | |
| Weaknesses | CWE-269 | |
| References |
| |
| Metrics |
cvssV3_1
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: Wordfence
Published:
Updated: 2026-07-17T10:11:03.243Z
Reserved: 2026-07-16T17:05:25.189Z
Link: CVE-2026-15982
Updated: 2026-07-17T10:10:59.073Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-17T07:00:07Z
Weaknesses