3 matches found
CVE-2026-22708
Cursor is a code editor built for programming with AI. Prior to 2.3, hen the Cursor Agent is running in Auto-Run Mode with Allowlist mode enabled, certain shell built-ins can still be executed without appearing in the allowlist and without requiring user approval. This allows an attacker via...
WordPress Design Import/Export plugin <= 2.2 - Authenticated (Administrator+) SQL Injection via XML File Import vulnerability
Authenticated Administrator+ SQL Injection via XML File Import vulnerability discovered by ChamlaVic in WordPress Plugin Design Import/Export versions = 2.2...
WordPress Userlike – WordPress Live Chat plugin Plugin <= 2.2 is vulnerable to Cross Site Scripting (XSS)
Software Userlike – WordPress Live Chat plugin Type Plugin Vulnerable versions = 2.2 Fixed in 2.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23734 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID da66e187f0fd Credits yuyud...