GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,352
Composer 4,362
Erlang 33
GitHub Actions 22
Go 2,134
Maven 5,313
npm 3,797
NuGet 687
pip 3,473
Pub 12
RubyGems 896
Rust 897
Swift 38

Unreviewed advisories

All unreviewed 245,318

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

6,837 advisories

Filter by severity

Sort by

Least recently updated

The WPUpper Share Buttons plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2024-13883 was published Feb 21, 2025

Versions of Gliffy Online prior to versions 4.14.0-7 contains a Cross Site Request Forgery (CSRF)... Moderate Unreviewed

CVE-2024-7141 was published Feb 20, 2025

IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages could allow a remote attacker to bypass... Moderate Unreviewed

CVE-2024-49779 was published Feb 20, 2025

The Ultimate Classified Listings plugin for WordPress is vulnerable to Cross-Site Request Forgery... High Unreviewed

CVE-2024-13753 was published Feb 20, 2025

Various Lexmark devices have CSRF that allows an attacker to modify the configuration of the device. High Unreviewed

CVE-2020-10095 was published Feb 19, 2025

The DeBounce Email Validator plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed

CVE-2024-13339 was published Feb 19, 2025

The Disable Auto Updates plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2024-13336 was published Feb 19, 2025

The WP Media Category Management plugin for WordPress is vulnerable to Cross-Site Request Forgery... Moderate Unreviewed

CVE-2025-0865 was published Feb 19, 2025

The Apptivo Business Site CRM plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed

CVE-2024-13405 was published Feb 19, 2025

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed

CVE-2025-1441 was published Feb 19, 2025

The Flexible Wishlist for WooCommerce – Ecommerce Wishlist & Save for later plugin for WordPress... Moderate Unreviewed

CVE-2024-13718 was published Feb 18, 2025

The Ecwid by Lightspeed Ecommerce Shopping Cart plugin for WordPress is vulnerable to Cross-Site... Moderate Unreviewed

CVE-2024-13795 was published Feb 18, 2025

The MemorialDay plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... Moderate Unreviewed

CVE-2024-13523 was published Feb 18, 2025

The SpeedSize Image & Video AI-Optimizer plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed

CVE-2024-13438 was published Feb 18, 2025

The Reset plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to,... High Unreviewed

CVE-2024-13684 was published Feb 18, 2025

The Option Editor plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 1.0... High Unreviewed

CVE-2024-13852 was published Feb 18, 2025

The Shopwarden – Automated WooCommerce monitoring & testing plugin for WordPress is vulnerable to... High Unreviewed

CVE-2024-13315 was published Feb 18, 2025

The Mortgage Lead Capture System plugin for WordPress is vulnerable to Cross-Site Request Forgery... Moderate Unreviewed

CVE-2025-0796 was published Feb 18, 2025

The magayo Lottery Results plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed

CVE-2024-13522 was published Feb 18, 2025

The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin for WordPress is... Moderate Unreviewed

CVE-2024-13555 was published Feb 18, 2025

Cross-Site Request Forgery (CSRF) vulnerability in what3words what3words Address Field allows... High Unreviewed

CVE-2025-26768 was published Feb 17, 2025

Cross-Site Request Forgery (CSRF) vulnerability in alexvtn Content Snippet Manager allows Stored... High Unreviewed

CVE-2025-26759 was published Feb 17, 2025

A vulnerability classified as problematic was found in Pix Software Vivaz 6.0.10. This... Moderate Unreviewed

CVE-2025-1358 was published Feb 16, 2025

The DirectoryPress Frontend plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed

CVE-2024-10581 was published Feb 15, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company WP Coder allows Cross-Site... High Unreviewed

CVE-2025-24699 was published Feb 14, 2025

Previous 1 2 3 4 5 … 273 274 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

6,837 advisories