8 matches found
CVE-2025-53536
Roo Code (AI-powered autonomous coding agent) prior to version 3.22.6 is affected. If a victim had the Write auto-approved mode, an attacker who can submit prompts could write to VS Code settings files and trigger code execution. A concrete example is the php.validate.executablePath setting, wher...
CVE-2025-53536 Roo Code allows Potential Remote Code Execution via .vscode/settings.json
Roo Code is an AI-powered autonomous coding agent. Prior to 3.22.6, if the victim had "Write" auto-approved, an attacker with the ability to submit prompts to the agent could write to VS Code settings files and trigger code execution. There were multiple ways to achieve that. One example is with...
Roo Code 安全漏洞
Roo Code is an AI-based autonomous coding agent from Roo Code. A security vulnerability exists in Roo Code versions prior to 3.22.6, which stems from an attacker being able to submit a prompt to write to a VS Code settings file and trigger code execution, potentially leading to remote code...
WordPress Visual Website Collaboration, Feedback & Project Management – Atarim plugin <= 3.22.6 - Hardcoded Credentials vulnerability
Hardcoded Credentials vulnerability discovered by Lucio Sá in WordPress Plugin Atarim versions = 3.22.6...
WordPress Atarim Plugin <= 3.22.6 is vulnerable to Other Vulnerability Type
Software Atarim Type Plugin Vulnerable versions = 3.22.6 Fixed in 3.30 OWASP Top 10 A5: Security Misconfiguration Classification Other Vulnerability Type CVE CVE-2024-2038 Patch priority High CVSS severity High 7.5 Developer Atarim PSID 62433e90ed84 Credits Lucio Sá Required privilege...
PT-2024-18654 · WordPress · Atarim
Name of the Vulnerable Software and Affected Versions: The Visual Website Collaboration, Feedback & Project Management – Atarim plugin for WordPress versions up to, and including, 3.22.6 Description: The issue is due to the use of hardcoded credentials to authenticate all incoming API requests...
WordPress plugin Atarim 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
Fedora 25 : 1:epiphany (2017-6792542f47)
Update to 3.22.6 : - Fix minor memory leak 682723 - Fix serious password extraction sweep attack on password manager 752738 - Fix adblocker blocking too much stuff, breaking Twitter 777714 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...