Skip to main content

Genolve Genolve Ai Business Graphics Ai Images

1 CVEs product

Monthly

CVE-2026-1359 HIGH This Week

Privilege escalation in the Genolve AI image and video generation plugin for WordPress (all versions through 5.0.5) lets authenticated users with Contributor-level access or above update arbitrary WordPress options because the genolve_setOpt() function performs no capability check. By enabling the users_can_register option and setting default_role to administrator, a low-privileged user can register a new administrator account and fully take over the site. Reported by Wordfence with a CVSS of 8.8; no public exploit identified at time of analysis and it is not listed in CISA KEV.

Authentication Bypass WordPress Privilege Escalation Genolve Genolve Ai Business Graphics Ai Images
NVD VulDB
CVSS 3.1
8.8
EPSS
0.3%
EPSS 0% CVSS 8.8
HIGH This Week

Privilege escalation in the Genolve AI image and video generation plugin for WordPress (all versions through 5.0.5) lets authenticated users with Contributor-level access or above update arbitrary WordPress options because the genolve_setOpt() function performs no capability check. By enabling the users_can_register option and setting default_role to administrator, a low-privileged user can register a new administrator account and fully take over the site. Reported by Wordfence with a CVSS of 8.8; no public exploit identified at time of analysis and it is not listed in CISA KEV.

Authentication Bypass WordPress Privilege Escalation +1
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy