4 matches found
CVE-2025-61590 Cursor is vulnerable to RCE via .code-workspace files using Prompt Injection
Cursor is a code editor built for programming with AI. Versions 1.6 and below are vulnerable to Remote Code Execution RCE attacks through Visual Studio Code Workspaces. Workspaces allow users to open more than a single folder and save specific settings pretty similar to .vscode/settings.json for...
WordPress Penci Filter Everything Plugin < 1.7 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Penci Filter Everything versions 1.7...
WordPress WP DPE-GES plugin <= 1.6 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by johska in WordPress Plugin WP DPE-GES versions = 1.6...
PT-2022-27947 · Jenkins · Jenkins Google Login Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Google Login Plugin versions 1.4 through 1.6 Description: The issue arises from the improper determination of a redirect URL after login, which is supposed to point to Jenkins. This could potentially lead to unauthorized access. The...