top of page
perceptive_background_267k.jpg

Incorrect Privilege Assignment vulnerability in Sergey AIWU allows Privilege Escalation.

This issue affects AIWU: from n/a through 1.4.17.

Published:

31 May 2026 at 22:00:00

Alert date:

1 June 2026 at 17:02:55

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies

A privilege escalation vulnerability (CVE-2026-48879) has been identified in the AIWU WordPress plugin by Sergey. The vulnerability is caused by incorrect privilege assignment, allowing attackers to escalate their privileges within the affected system. This security flaw affects all versions of the AIWU plugin from the initial release through version 1.4.17. The vulnerability has been assigned a high criticality rating, indicating significant potential impact on affected WordPress installations. Users should update to a patched version beyond 1.4.17 when available or consider disabling the plugin until a fix is released.

Technical details

Mitigation steps:

Affected products:

AIWU WordPress Plugin

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-48879
https://patchstack.com/database/wordpress/plugin/ai-copilot-content-generator/vulnerability/wordpress-aiwu-plugin-1-4-17-privilege-escalation-vulnerability?_s_id=cve

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page