Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,339
Erlang
31
GitHub Actions
22
Go
2,099
Maven
5,000+
npm
3,763
NuGet
678
pip
3,448
Pub
12
RubyGems
892
Rust
883
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,237 advisories

Loading
The WP Customer Area WordPress plugin through 8.2.4 does not have CSRF check in place when... Moderate Unreviewed
CVE-2024-12280 was published Jan 27, 2025
The MailUp Auto Subscription plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed
CVE-2024-13521 was published Jan 28, 2025
Cross-Site Request Forgery (CSRF) vulnerability in The Events Calendar The Events Calendar allows... Moderate Unreviewed
CVE-2025-24537 was published Jan 27, 2025
Cross-Site Request Forgery (CSRF) vulnerability in slaFFik BuddyPress Groups Extras allows Cross... Moderate Unreviewed
CVE-2025-24538 was published Jan 27, 2025
Cross-Site Request Forgery (CSRF) vulnerability in MetaSlider Responsive Slider by MetaSlider... Moderate Unreviewed
CVE-2025-24533 was published Jan 27, 2025
Cross-Site Request Forgery (CSRF) vulnerability in SeedProd Coming Soon Page, Under Construction ... Moderate Unreviewed
CVE-2025-24540 was published Jan 27, 2025
Cross-Site Request Forgery (CSRF) vulnerability in WP Go Maps (formerly WP Google Maps) WP Go... Moderate Unreviewed
CVE-2025-24742 was published Jan 27, 2025
The Linear plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to... Moderate Unreviewed
CVE-2024-13709 was published Jan 25, 2025
Cross-Site Request Forgery (CSRF) vulnerability in FluentSMTP & WPManageNinja Team FluentSMTP... Moderate Unreviewed
CVE-2025-24739 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in NowButtons.com Call Now Button allows Cross... Moderate Unreviewed
CVE-2025-24738 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Popup Box allows Cross Site... Moderate Unreviewed
CVE-2025-24711 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in WP Attire Attire Blocks allows Cross Site... Moderate Unreviewed
CVE-2025-24696 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in G5Theme Essential Real Estate allows Cross... Moderate Unreviewed
CVE-2025-24698 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Counter Box allows Cross Site... Moderate Unreviewed
CVE-2025-24715 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Button Generator – easily Button... Moderate Unreviewed
CVE-2025-24713 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Herd Effects allows Cross Site... Moderate Unreviewed
CVE-2025-24716 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Bubble Menu – circle floating menu... Moderate Unreviewed
CVE-2025-24714 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Sticky Buttons allows Cross Site... Moderate Unreviewed
CVE-2025-24720 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Modal Window allows Cross Site... Moderate Unreviewed
CVE-2025-24717 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Side Menu Lite allows Cross Site... Moderate Unreviewed
CVE-2025-24724 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in RadiusTheme Radius Blocks allows Cross Site... Moderate Unreviewed
CVE-2025-24712 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in PickPlugins Job Board Manager allows Cross... Moderate Unreviewed
CVE-2025-24622 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in datafeedr.com WooCommerce Cloak Affiliate... Moderate Unreviewed
CVE-2025-24647 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Really Simple Security Really Simple SSL... Moderate Unreviewed
CVE-2025-24623 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Epsiloncool WP Fast Total Search allows Cross... Moderate Unreviewed
CVE-2025-24572 was published Jan 24, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database