Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,370
Erlang
33
GitHub Actions
22
Go
2,135
Maven
5,000+
npm
3,797
NuGet
687
pip
3,477
Pub
12
RubyGems
896
Rust
897
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

6,120 advisories

Loading
Cross-Site Request Forgery (CSRF) vulnerability in Stanko Metodiev Quote Comments allows Stored... High Unreviewed
CVE-2025-25156 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in djjmz Simple Auto Tag allows Stored XSS. This... High Unreviewed
CVE-2025-25153 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in ElbowRobo Read More Copy Link allows Stored... High Unreviewed
CVE-2025-25148 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in LukaszWiecek Smart DoFollow allows Stored XSS.... High Unreviewed
CVE-2025-25152 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in saleandro Songkick Concerts and Festivals... Moderate Unreviewed
CVE-2025-25146 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Phillip.Gooch Auto SEO allows Stored XSS. This... High Unreviewed
CVE-2025-25147 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Scriptonite Simple User Profile allows Stored... High Unreviewed
CVE-2025-25140 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Danillo Nunes Login-box allows Stored XSS.... High Unreviewed
CVE-2025-25149 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in scweber Custom Comment Notifications allows... High Unreviewed
CVE-2025-25154 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in FancyWP Starter Templates by FancyWP allows... Critical Unreviewed
CVE-2025-25106 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in CyrilG Fyrebox Quizzes allows Stored XSS. This... High Unreviewed
CVE-2025-25125 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in WP Spell Check WP Spell Check allows Cross... Moderate Unreviewed
CVE-2025-25111 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in sainwp OneStore Sites allows Cross Site... Critical Unreviewed
CVE-2025-25107 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in ibasit GlobalQuran allows Cross Site Request... Moderate Unreviewed
CVE-2025-25143 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in jordan.hatch Infusionsoft Analytics allows... Moderate Unreviewed
CVE-2025-25145 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Cynob IT Consultancy WP Custom Post RSS Feed... High Unreviewed
CVE-2025-25139 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Rishi On Page SEO + Whatsapp Chat Button... High Unreviewed
CVE-2025-25138 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in zmseo ZMSEO allows Stored XSS. This issue... High Unreviewed
CVE-2025-25126 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in xdark Easy Related Posts allows Stored XSS.... High Unreviewed
CVE-2025-25123 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Victor Barkalov Custom Links On Admin... High Unreviewed
CVE-2025-25135 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in bnielsen Indeed API allows Cross Site Request... Moderate Unreviewed
CVE-2025-25103 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in orlandolac Facilita Form Tracker allows Stored... High Unreviewed
CVE-2025-25128 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in MetricThemes Munk Sites allows Cross Site... Critical Unreviewed
CVE-2025-25101 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in paulswarthout Child Themes Helper allows Path... Moderate Unreviewed
CVE-2025-25093 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in mraliende URL-Preview-Box allows Cross Site... High Unreviewed
CVE-2025-25104 was published Feb 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database