4 matches found
CVE-2025-32018
Cursor is an AI-codeditor. Versions 0.45.0–0.48.6 contain a regression that broadens the Cursor Agent’s file-modification permissions, allowing, under deliberate prompting (user or crafted context), automatic writes to files outside the opened workspace. The vulnerability can manifest when the ag...
WordPress CodeKit – Custom Codes Editor Plugin < 2.3.6 is vulnerable to Cross Site Scripting (XSS)
Software CodeKit – Custom Codes Editor Type Plugin Vulnerable versions 2.3.6 Fixed in 2.3.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID fe5c4dee3953 Credits Rafie Muhammad...
WordPress CodeKit – Custom Codes Editor plugin <= 2.2.9 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress CodeKit – Custom Codes Editor plugin versions = 2.2.9. Solution Update the WordPress CodeKit – Custom Codes Editor plugin to the latest available version at least 2.3...
WordPress CodeKit – Custom Codes Editor plugin <= 2.2.9 - Sensitive Information Disclosure vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress CodeKit – Custom Codes Editor plugin versions = 2.2.9. Solution Update the WordPress CodeKit – Custom Codes Editor plugin to the latest available version at least 2.3...