6 matches found
CVE-2025-53536 Roo Code allows Potential Remote Code Execution via .vscode/settings.json
Roo Code is an AI-powered autonomous coding agent. Prior to 3.22.6, if the victim had "Write" auto-approved, an attacker with the ability to submit prompts to the agent could write to VS Code settings files and trigger code execution. There were multiple ways to achieve that. One example is with...
CVE-2025-53536
Roo Code (AI-powered autonomous coding agent) prior to version 3.22.6 is affected. If a victim had the Write auto-approved mode, an attacker who can submit prompts could write to VS Code settings files and trigger code execution. A concrete example is the php.validate.executablePath setting, wher...
Roo Code Security Vulnerability
Roo Code is an AI-based autonomous coding agent from Roo Code. A security vulnerability exists in Roo Code versions prior to 3.22.6, which stems from an attacker being able to submit a prompt to write to a VS Code settings file and trigger code execution, potentially leading to remote code...
WordPress plugin Atarim Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...
PT-2024-18654 · WordPress · Atarim
Name of the Vulnerable Software and Affected Versions: The Visual Website Collaboration, Feedback & Project Management – Atarim plugin for WordPress versions up to, and including, 3.22.6 Description: The issue is due to the use of hardcoded credentials to authenticate all incoming API requests...
WordPress Atarim Plugin <= 3.22.6 is vulnerable to Other Vulnerability Type
Software: Atarim | Type: Plugin | Vulnerable versions: <= 3.22.6 | Fixed in: 3.30 | OWASP Top 10: A5: Security Misconfiguration | Classification: Other Vulnerability Type | CVE: CVE-2024-2038 | Patch priority: High | CVSS severity: High 7.5 | Developer: Atarim | PSID: 62433e90ed84 | Credits: Lucio Sá | Required privilege...