Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,318
Erlang
31
GitHub Actions
21
Go
2,074
Maven
5,000+
npm
3,746
NuGet
674
pip
3,434
Pub
12
RubyGems
892
Rust
880
Swift
37
Unreviewed advisories
All unreviewed
5,000+

6,524 advisories

Loading
The User Role Editor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... High Unreviewed
CVE-2024-12293 was published Dec 17, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Tom Royal Stop Registration Spam allows Stored... High Unreviewed
CVE-2024-56017 was published Dec 17, 2024
A Cross-Site Request Forgery (CSRF) in Sunbird DCIM dcTrack v9.1.2 allows authenticated attackers... High Unreviewed
CVE-2024-37774 was published Dec 17, 2024
Cross-Site Request Forgery (CSRF) vulnerability in ThemeFusion Avada.This issue affects Avada:... Moderate Unreviewed
CVE-2024-54357 was published Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Pearlbells Flash News / Post (Responsive)... Critical Unreviewed
CVE-2024-56012 was published Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in onigetoc Add image to Post allows Stored XSS... High Unreviewed
CVE-2024-54428 was published Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Alok Tiwari Amazon Product Price allows Stored... High Unreviewed
CVE-2024-54439 was published Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Posti Posti Shipping allows Cross Site Request... Moderate Unreviewed
CVE-2024-56005 was published Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Thomas Hoefter Onlywire Multi Autosubmitter... High Unreviewed
CVE-2024-54435 was published Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Jettochkin Jet Footer Code allows Stored XSS... High Unreviewed
CVE-2024-54436 was published Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Simple Booking Simple Booking Widget allows... High Unreviewed
CVE-2024-54433 was published Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in John Godley Tidy Up allows Reflected XSS.This... High Unreviewed
CVE-2024-56015 was published Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Shambhu Prasad Patnaik WP Flipkart Importer... High Unreviewed
CVE-2024-54432 was published Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in GAxx Gaxx Keywords allows Stored XSS.This... High Unreviewed
CVE-2024-54438 was published Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in blueskyy WP-Ban-User allows Stored XSS.This... High Unreviewed
CVE-2024-54440 was published Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Aleksander Novikov Metrika allows Cross Site... High Unreviewed
CVE-2024-54420 was published Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Phoetry phZoom allows Stored XSS.This issue... High Unreviewed
CVE-2024-54434 was published Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Sanjay Singh Negi Floating Video Player allows... High Unreviewed
CVE-2024-54421 was published Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Ryan Bet sport Free allows Cross Site Request... Moderate Unreviewed
CVE-2024-54396 was published Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Web solution soft Mandrill WP allows Stored... High Unreviewed
CVE-2024-54394 was published Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Project Caruso Flaming Forms allows Stored XSS... High Unreviewed
CVE-2024-54398 was published Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Midoks WP微信机器人 allows Stored XSS.This issue... High Unreviewed
CVE-2024-54392 was published Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in 随意的风 CK and SyntaxHighlighter allows Stored... High Unreviewed
CVE-2024-54407 was published Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Jesse Overright Social Media Sharing allows... High Unreviewed
CVE-2024-54423 was published Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Turcu Ciprian Advanced Fancybox allows Stored... High Unreviewed
CVE-2024-54401 was published Dec 16, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database