GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,063
Composer 4,318
Erlang 31
GitHub Actions 21
Go 2,074
Maven 5,249
npm 3,746
NuGet 674
pip 3,434
Pub 12
RubyGems 892
Rust 880
Swift 37

Unreviewed advisories

All unreviewed 241,104

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,178 advisories

Filter by severity

Sort by

Least recently updated

Active Directory Federation Server Spoofing Vulnerability Moderate Unreviewed

CVE-2025-21193 was published Jan 14, 2025

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed

CVE-2025-0393 was published Jan 14, 2025

The Smart Agenda – Prise de rendez-vous en ligne plugin for WordPress is vulnerable to Cross-Site... Moderate Unreviewed

CVE-2024-13348 was published Jan 14, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Drupal Minify JS allows Cross Site Request... Moderate Unreviewed

CVE-2024-13304 was published Jan 9, 2025

The Action Network plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2024-12394 was published Jan 9, 2025

The AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3,... Moderate Unreviewed

CVE-2024-12605 was published Jan 9, 2025

The Woocommerce check pincode/zipcode for shipping plugin for WordPress is vulnerable to Cross... Moderate Unreviewed

CVE-2024-12218 was published Jan 9, 2025

The WordPress Header Builder Plugin – Pearl plugin for WordPress is vulnerable to Cross-Site... Moderate Unreviewed

CVE-2024-12206 was published Jan 9, 2025

A vulnerability was found in kurniaramadhan E-Commerce-PHP 1.0. It has been classified as... Moderate Unreviewed

CVE-2024-13203 was published Jan 9, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Faaiq Pretty Url allows Cross Site Request... Moderate Unreviewed

CVE-2025-22563 was published Jan 7, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Jason Funk Title Experiments Free allows Cross... Moderate Unreviewed

CVE-2025-22562 was published Jan 7, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Digital Zoom Studio Admin debug wordpress –... Moderate Unreviewed

CVE-2025-22503 was published Jan 7, 2025

Cross-Site Request Forgery (CSRF) vulnerability in PixelYourSite PixelYourSite – Your smart PIXEL... Moderate Unreviewed

CVE-2025-22300 was published Jan 7, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Stormhill Media MyBookTable Bookstore allows... Moderate Unreviewed

CVE-2025-22301 was published Jan 7, 2025

Cross-Site Request Forgery (CSRF) vulnerability in AIpost AI WP Writer allows Cross Site Request... Moderate Unreviewed

CVE-2025-22297 was published Jan 7, 2025

Cross-Site Request Forgery (CSRF) vulnerability in MagePeople Team Bus Ticket Booking with Seat... Moderate Unreviewed

CVE-2024-49294 was published Jan 7, 2025

The Binary MLM Woocommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed

CVE-2024-12383 was published Jan 7, 2025

The ViewMedica 9 plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... Moderate Unreviewed

CVE-2024-12170 was published Jan 7, 2025

The ViewMedica 9 plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... Moderate Unreviewed

CVE-2024-12291 was published Jan 7, 2025

The Simple add pages or posts plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed

CVE-2024-12288 was published Jan 7, 2025

The Backup and Restore WordPress – Backup Plugin plugin for WordPress is vulnerable to Cross-Site... Moderate Unreviewed

CVE-2024-12208 was published Jan 7, 2025

The Transporters.io plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2024-12557 was published Jan 7, 2025

The Chative Live chat and Chatbot plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed

CVE-2024-12541 was published Jan 7, 2025

The WP Social AutoConnect plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2024-12279 was published Jan 4, 2025

The Scratch & Win – Giveaways and Contests. Boost subscribers, traffic, repeat visits, referrals... Moderate Unreviewed

CVE-2024-12545 was published Jan 4, 2025

Previous 1 2 3 4 5 … 127 128 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,178 advisories