GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,537
Composer 4,454
Erlang 33
GitHub Actions 22
Go 2,153
Maven 5,330
npm 3,818
NuGet 693
pip 3,492
Pub 12
RubyGems 902
Rust 903
Swift 38

Unreviewed advisories

All unreviewed 246,975

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

6,905 advisories

Filter by severity

Sort by

Least recently updated

The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to Cross-Site... High Unreviewed

CVE-2024-11640 was published Mar 8, 2025

The Wishlist for WooCommerce: Multi Wishlists Per Customer plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-13774 was published Mar 8, 2025

The Related Posts, Inline Related Posts, Contextual Related Posts, Related Content By PickPlugins... Moderate Unreviewed

CVE-2024-12634 was published Mar 7, 2025

The Homey theme for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and... Moderate Unreviewed

CVE-2025-0748 was published Mar 7, 2025

A vulnerability has been found in huang-yk student-manage 1.0 and classified as problematic. This... Moderate Unreviewed

CVE-2025-2042 was published Mar 6, 2025

The Podlove Podcast Publisher plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed

CVE-2025-1383 was published Mar 6, 2025

Jenkins cross-site request forgery (CSRF) vulnerability Moderate

CVE-2025-27624 was published for org.jenkins-ci.main:jenkins-core (Maven) Mar 6, 2025

Cross Site Request Forgery (CSRF) vulnerability exists in the 'pvmsg.php?action=add_message',... High Unreviewed

CVE-2024-51144 was published Mar 5, 2025

The Spreadsheet Integration plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed

CVE-2025-1463 was published Mar 5, 2025

The I Am Gloria plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... Moderate Unreviewed

CVE-2025-0990 was published Mar 5, 2025

The bbPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up... Moderate Unreviewed

CVE-2025-1435 was published Mar 5, 2025

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923... High Unreviewed

CVE-2025-27664 was published Mar 5, 2025

Unauthenticated reflected cross-site scripting (XSS) in Uniguest Tripleplay before 24.2.1 allows... High Unreviewed

CVE-2024-50705 was published Mar 4, 2025

The Wallet System for WooCommerce – Wallet, Wallet Cashback, Refunds, Partial Payment, Wallet... Moderate Unreviewed

CVE-2024-13682 was published Mar 4, 2025

The Newscrunch theme for WordPress is vulnerable to Cross-Site Request Forgery in all versions up... High Unreviewed

CVE-2025-1306 was published Mar 4, 2025

A vulnerability was found in shishuocms 1.1 and classified as problematic. This issue affects... Moderate Unreviewed

CVE-2025-1891 was published Mar 4, 2025

HCL SX is vulnerable to cross-site request forgery vulnerability which could allow an attacker to... Moderate Unreviewed

CVE-2024-30154 was published Mar 3, 2025

Cross Site Request Forgery vulnerability in sell done storefront v.1.0 allows a remote attacker... Critical Unreviewed

CVE-2025-26206 was published Mar 3, 2025

Acora CMS version 10.1.1 is vulnerable to Cross-Site Request Forgery (CSRF). This flaw enables... Moderate Unreviewed

CVE-2025-25967 was published Mar 3, 2025

Cross-Site Request Forgery (CSRF) vulnerability in NotFound Curated Search allows Stored XSS.... High Unreviewed

CVE-2025-23502 was published Mar 3, 2025

Cross-Site Request Forgery (CSRF) vulnerability in NotFound WP SpaceContent allows Stored XSS.... High Unreviewed

CVE-2025-23446 was published Mar 3, 2025

In Bitaxe ESP-Miner before 2.5.0 with AxeOS, one can use an /api/system CSRF attack to update the... Moderate Unreviewed

CVE-2025-27579 was published Mar 3, 2025

A vulnerability classified as problematic was found in zj1983 zz up to 2024-08. Affected by this... Moderate Unreviewed

CVE-2025-1813 was published Mar 2, 2025

The Simple:Press Forum plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2024-13518 was published Mar 1, 2025

Cross Site Request Forgery vulnerability in 07FLYCMS v.1.3.9 allows a remote attacker to execute... Critical Unreviewed

CVE-2025-25379 was published Mar 1, 2025

Previous 1 2 3 4 5 … 276 277 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

6,905 advisories