top of page
perceptive_background_267k.jpg

Incorrect Privilege Assignment vulnerability in Sergey AIWU allows Privilege Escalation.

This issue affects AIWU: from n/a through 1.4.17.

Published:

31 May 2026 at 22:00:00

Alert date:

1 June 2026 at 16:08:13

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies

A privilege escalation vulnerability has been identified in the AIWU WordPress plugin by Sergey. The vulnerability is classified as an Incorrect Privilege Assignment issue that allows attackers to escalate their privileges within the application. This security flaw affects all versions of AIWU from the initial release through version 1.4.17. The vulnerability has been assigned CVE-2026-48879 and is documented in the National Vulnerability Database. Given the nature of privilege escalation attacks, this vulnerability poses a significant security risk to WordPress installations using the affected plugin versions.

Technical details

Mitigation steps:

Affected products:

AIWU WordPress Plugin

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-48879
https://patchstack.com/database/wordpress/plugin/ai-copilot-content-generator/vulnerability/wordpress-aiwu-plugin-1-4-17-privilege-escalation-vulnerability?_s_id=cve

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page