Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

4,360 advisories

Loading
Cross-Site Request Forgery (CSRF) vulnerability in snagysandor Parallax Scrolling Enllax.js... Moderate Unreviewed
CVE-2025-58831 was published Sep 5, 2025
Cross-Site Request Forgery (CSRF) vulnerability in michalzagdan TrustMate.io – WooCommerce... Moderate Unreviewed
CVE-2025-58802 was published Sep 5, 2025
Cross-Site Request Forgery (CSRF) vulnerability in KCS Responder allows Cross Site Request... Moderate Unreviewed
CVE-2025-58801 was published Sep 5, 2025
Cross-Site Request Forgery (CSRF) vulnerability in brijrajs WooCommerce Single Page Checkout... Moderate Unreviewed
CVE-2025-58804 was published Sep 5, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Steve Truman WP Email Template allows Cross... Moderate Unreviewed
CVE-2025-58800 was published Sep 5, 2025
Cross-Site Request Forgery (CSRF) vulnerability in SwiftNinjaPro Developer Tools Blocker allows... Moderate Unreviewed
CVE-2025-58818 was published Sep 5, 2025
Cross-Site Request Forgery (CSRF) vulnerability in WPKube Authors List allows Cross Site Request... Moderate Unreviewed
CVE-2025-58792 was published Sep 5, 2025
Cross-Site Request Forgery (CSRF) vulnerability in rainafarai Notification for Telegram allows... Moderate Unreviewed
CVE-2025-58794 was published Sep 5, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Bjorn Manintveld BCM Duplicate Menu allows... Moderate Unreviewed
CVE-2025-58798 was published Sep 5, 2025
The PopAd plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to,... Moderate Unreviewed
CVE-2025-9616 was published Sep 4, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Tickera Tickera allows Cross Site Request... Moderate Unreviewed
CVE-2025-58611 was published Sep 3, 2025
The Related Posts Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2025-9618 was published Aug 30, 2025
github.com/gorilla/csrf improperly validates TrustedOrigins allowing CSRF attacks Moderate
CVE-2025-47909 was published for github.com/gorilla/csrf (Go) Aug 29, 2025
The Ultimate Tag Warrior Importer plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed
CVE-2025-9374 was published Aug 29, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Theme Century Century ToolKit allows Cross... Moderate Unreviewed
CVE-2025-48357 was published Aug 28, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Metin Saraç Popup for CF7 with Sweet Alert... Moderate Unreviewed
CVE-2025-48363 was published Aug 28, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Saeed Sattar Beglou Hesabfa Accounting allows... Moderate Unreviewed
CVE-2025-48362 was published Aug 28, 2025
Cross-Site Request Forgery (CSRF) vulnerability in shen2 多说社会化评论框 allows Cross Site Request... Moderate Unreviewed
CVE-2025-48318 was published Aug 28, 2025
Cross-Site Request Forgery (CSRF) vulnerability in wptableeditor Table Editor allows Cross Site... Moderate Unreviewed
CVE-2025-48310 was published Aug 28, 2025
QuickCMS is vulnerable to Cross-Site Request Forgery in page deletion functionality. Malicious... Moderate Unreviewed
CVE-2025-54541 was published Aug 28, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Plugins and Snippets Simple Page Access... Moderate Unreviewed
CVE-2025-58202 was published Aug 27, 2025
The Bevy Event service through 2025-07-22, as used for eBay Seller Events and other activities,... Moderate Unreviewed
CVE-2025-54598 was published Aug 27, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Backup Bolt allows Cross Site Request Forgery... Moderate Unreviewed
CVE-2025-49040 was published Aug 27, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Kevin Langley Jr. Post Type Converter allows... Moderate Unreviewed
CVE-2025-48303 was published Aug 25, 2025
The Sertifier Certificate & Badge Maker for WordPress – Tutor LMS plugin for WordPress is... Moderate Unreviewed
CVE-2025-7841 was published Aug 23, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database