Electron has nothing to do with the exploit here. A Vim plugin would have just as much ability to run malware.