cleantalk
Vulnerabilities and Security Researches

Genolve – AI image generation Midjourney, DALL-E 3, Stablility.ai, CVE-2026-1359

CVE, Research URL

CVE-2026-1359

Published on
Jul 11, 2026
Research Description
The Genolve – AI image AI video generation plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the genolve_setOpt() function in all versions up to, and including, 5.0.5. This makes it possible for authenticated attackers, with Contributor-level access and above, to update arbitrary WordPress options, including enabling user registration and setting the default role to administrator, resulting in privilege escalation.
Affected versions
max 5.0.6.
Status
vulnerable