Genolve Genolve Ai Business Graphics Ai Images
Monthly
Privilege escalation in the Genolve AI image and video generation plugin for WordPress (all versions through 5.0.5) lets authenticated users with Contributor-level access or above update arbitrary WordPress options because the genolve_setOpt() function performs no capability check. By enabling the users_can_register option and setting default_role to administrator, a low-privileged user can register a new administrator account and fully take over the site. Reported by Wordfence with a CVSS of 8.8; no public exploit identified at time of analysis and it is not listed in CISA KEV.
Privilege escalation in the Genolve AI image and video generation plugin for WordPress (all versions through 5.0.5) lets authenticated users with Contributor-level access or above update arbitrary WordPress options because the genolve_setOpt() function performs no capability check. By enabling the users_can_register option and setting default_role to administrator, a low-privileged user can register a new administrator account and fully take over the site. Reported by Wordfence with a CVSS of 8.8; no public exploit identified at time of analysis and it is not listed in CISA KEV.