Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

25,136 advisories

Loading
The ABC Notation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin... Moderate Unreviewed
CVE-2024-13551 was published Jan 25, 2025
The WP Contact Form7 Email Spam Blocker plugin for WordPress is vulnerable to Reflected Cross... Moderate Unreviewed
CVE-2024-13467 was published Jan 25, 2025
The Etsy Importer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-12817 was published Jan 25, 2025
The Power Ups for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2024-13548 was published Jan 25, 2025
The Ask Me Anything (Anonymously) plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-12512 was published Jan 25, 2025
The brodos.net Onlineshop Plugin plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-12529 was published Jan 25, 2025
The Masy Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin... Moderate Unreviewed
CVE-2024-13586 was published Jan 25, 2025
The Target Video Easy Publish plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed
CVE-2024-12076 was published Jan 25, 2025
The NOTICE BOARD BY TOWKIR plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2024-12816 was published Jan 25, 2025
The Flexmls® IDX Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-10552 was published Jan 25, 2025
The Broadstreet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘zone’... Moderate Unreviewed
CVE-2024-11825 was published Jan 25, 2025
The WordPress SEO Friendly Accordion FAQ with AI assisted content generation plugin for WordPress... Moderate Unreviewed
CVE-2024-13458 was published Jan 25, 2025
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-13599 was published Jan 25, 2025
The Bilingual Linker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-13441 was published Jan 25, 2025
A vulnerability was found in Dcat-Admin 2.2.1-beta. It has been rated as problematic. This issue... Moderate Unreviewed
CVE-2025-0709 was published Jan 24, 2025
A vulnerability was found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d... Moderate Unreviewed
CVE-2025-0706 was published Jan 24, 2025
A vulnerability was found in fumiao opencms 2.2. It has been declared as problematic. This... Moderate Unreviewed
CVE-2025-0708 was published Jan 24, 2025
A vulnerability classified as problematic has been found in CampCodes School Management Software... Moderate Unreviewed
CVE-2025-0710 was published Jan 24, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-24726 was published Jan 24, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-24731 was published Jan 24, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-24730 was published Jan 24, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-24709 was published Jan 24, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-24706 was published Jan 24, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-24704 was published Jan 24, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-24727 was published Jan 24, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database