12 matches found
EUVD-2025-4034
Malicious code in bioql PyPI...
CVE-2025-25104
Cross-Site Request Forgery CSRF vulnerability in mraliende URL-Preview-Box good-url-preview-box allows Cross Site Request Forgery.This issue affects URL-Preview-Box: from n/a through = 1.20...
CVE-2025-25104
Cross-Site Request Forgery CSRF vulnerability in mraliende URL-Preview-Box good-url-preview-box allows Cross Site Request Forgery.This issue affects URL-Preview-Box: from n/a through = 1.20...
CVE-2025-25104 WordPress URL-Preview-Box plugin <= 1.20 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in mraliende URL-Preview-Box good-url-preview-box allows Cross Site Request Forgery.This issue affects URL-Preview-Box: from n/a through = 1.20...
CVE-2025-25104 WordPress URL-Preview-Box plugin <= 1.20 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in mraliende URL-Preview-Box good-url-preview-box allows Cross Site Request Forgery.This issue affects URL-Preview-Box: from n/a through = 1.20...
CVE-2025-25104
CVE-2025-25104 affects the WordPress URL-Preview-Box plugin (versions <= 1.20). The vulnerability is a Cross-Site Request Forgery (CSRF) that leads to a Stored Cross-Site Scripting (XSS) condition. According to the provided metrics, the CVSS v3.1 base score is 7.1 (HIGH), with network attack v...
WordPress plugin URL-Preview-Box 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forgery...
WordPress URL-Preview-Box plugin <= 1.20 - CSRF to Stored XSS vulnerability
CSRF to Stored XSS vulnerability discovered by Abdi Pranata in WordPress Plugin URL-Preview-Box versions = 1.20...
CVE-2024-48919 RCE via Prompt Injection Into Cursor's Terminal Cmd-K
Cursor is a code editor built for programming with AI. Prior to Sep 27, 2024, if a user generated a terminal command via Cursor's Terminal Cmd-K/Ctrl-K feature and if the user explicitly imported a malicious web page into the Terminal Cmd-K prompt, an attacker with control over the referenced web...
CVE-2024-48919
CVE-2024-48919 affects Cursor, an AI-assisted code editor. Prior to 2024-09-27, if a user imported a malicious webpage into Cursor’s Terminal Cmd-K, an attacker controlling that page could influence a language model to emit arbitrary terminal commands when the user opts to include the page conten...
CVE-2024-48919 RCE via Prompt Injection Into Cursor's Terminal Cmd-K
Cursor is a code editor built for programming with AI. Prior to Sep 27, 2024, if a user generated a terminal command via Cursor's Terminal Cmd-K/Ctrl-K feature and if the user explicitly imported a malicious web page into the Terminal Cmd-K prompt, an attacker with control over the referenced web...
PT-2024-33268 · Cursor · Cursor
Name of the Vulnerable Software and Affected Versions: Cursor versions prior to 0.42 Description: The issue allows an attacker with control over a malicious web page to influence a language model to output arbitrary commands for execution in the user's terminal. This scenario requires the user to...