Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,373
Erlang
33
GitHub Actions
22
Go
2,139
Maven
5,000+
npm
3,799
NuGet
687
pip
3,478
Pub
12
RubyGems
896
Rust
898
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

350 advisories

Loading
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for... Moderate Unreviewed
CVE-2024-13873 was published Feb 22, 2025
Faveo 5.0.1 allows remote attackers to obtain sensitive information via a modified user ID in an... Moderate Unreviewed
CVE-2023-24625 was published Mar 24, 2023
Insecure direct object references (IDOR) vulnerability in the wpForo Forum plugin <= 2.0.5 on... Moderate Unreviewed
CVE-2022-40206 was published Nov 9, 2022
Insecure direct object references (IDOR) vulnerability in the wpForo Forum plugin <= 2.0.5 on... Moderate Unreviewed
CVE-2022-40205 was published Nov 9, 2022
A vulnerability has been found in Campcodes Online Laundry Management System 1.0 and classified... Moderate Unreviewed
CVE-2024-4817 was published May 14, 2024
A vulnerability was found in Campcodes Online Laundry Management System 1.0. It has been... Moderate Unreviewed
CVE-2024-4819 was published May 14, 2024
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-13740 was published Feb 18, 2025
Bhima version 1.27.0 allows an attacker authenticated with normal user permissions to view... Moderate Unreviewed
CVE-2023-0967 was published Apr 5, 2023
The DethemeKit For Elementor plugin for WordPress is vulnerable to Information Exposure in all... Moderate Unreviewed
CVE-2025-0661 was published Feb 13, 2025
The Majestic Support – The Leading-Edge Help Desk & Customer Support Plugin plugin for WordPress... Moderate Unreviewed
CVE-2024-13601 was published Feb 12, 2025
The EAN for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in... Moderate Unreviewed
CVE-2023-6897 was published Apr 18, 2024
An issue has been discovered in GitLab affecting all versions starting from 15.9 before 15.9.4,... Moderate Unreviewed
CVE-2023-1417 was published Apr 5, 2023
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-6410 was published Jul 10, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Wpmet Wp Ultimate Review.This... Moderate Unreviewed
CVE-2024-32683 was published Apr 19, 2024
The User Shortcodes Plus plugin for WordPress is vulnerable to Insecure Direct Object Reference... Moderate Unreviewed
CVE-2023-6969 was published Mar 13, 2024
The Builder Shortcode Extras – WordPress Shortcodes Collection to Save You Time plugin for... Moderate Unreviewed
CVE-2024-13841 was published Feb 7, 2025
The Bluetooth module has a vulnerability of bypassing the user confirmation in the pairing... Moderate Unreviewed
CVE-2022-48313 was published Apr 16, 2023
Authorization Bypass Through User-Controlled Key vulnerability in Fabio Rinaldi Crelly Slider... Moderate Unreviewed
CVE-2024-33542 was published Apr 29, 2024
The UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget,... Moderate Unreviewed
CVE-2024-10696 was published Feb 5, 2025
Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This... Moderate Unreviewed
CVE-2024-31291 was published Apr 7, 2024
The Event Tickets and Registration plugin for WordPress is vulnerable to Insecure Direct Object... Moderate Unreviewed
CVE-2024-13457 was published Jan 30, 2025
Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This... Moderate Unreviewed
CVE-2024-32772 was published Apr 24, 2024
Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This... Moderate Unreviewed
CVE-2024-32808 was published Apr 24, 2024
The Medical Addon for Elementor plugin for WordPress is vulnerable to Insecure Direct Object... Moderate Unreviewed
CVE-2024-12046 was published Feb 4, 2025
The JS Help Desk – The Ultimate Help Desk & Support Plugin plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-13607 was published Feb 4, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database