Vendor
A vulnerability in the Genolve AI image AI video generation plugin for WordPress, affecting versions up to and including 5.0.5, allows authenticated attackers with Contributor-level access to achieve privilege escalation due to a missing capability check in the `genolve_setOpt()` function, enabling them to modify arbitrary WordPress options such as enabling user registration and setting the default role to administrator.