Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

4,360 advisories

Loading
The Sertifier Certificate & Badge Maker for WordPress – Tutor LMS plugin for WordPress is... Moderate Unreviewed
CVE-2025-7841 was published Aug 23, 2025
The Restore Permanently delete Post or Page Data plugin for WordPress is vulnerable to Cross-Site... Moderate Unreviewed
CVE-2025-7839 was published Aug 23, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Epsiloncool WP Fast Total Search allows Cross... Moderate Unreviewed
CVE-2025-57893 was published Aug 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Jeff Starr Simple Statistics for Feeds allows... Moderate Unreviewed
CVE-2025-57892 was published Aug 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Hossni Mubarak JobWP allows Cross Site Request... Moderate Unreviewed
CVE-2025-57895 was published Aug 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Shahjahan Jewel Fluent Support allows Cross... Moderate Unreviewed
CVE-2025-57885 was published Aug 22, 2025
UnoPim vulnerable to CSRF on Product edit feature and creation of other types Moderate
CVE-2025-55744 was published for unopim/unopim (Composer) Aug 21, 2025
sn1p3rt3s7
QuickCMS is vulnerable to Cross-Site Request Forgery in article creation functionality. Malicious... Moderate Unreviewed
CVE-2025-54174 was published Aug 20, 2025
The Easy Digital Downloads plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed
CVE-2025-8102 was published Aug 20, 2025
Cross-Site Request Forgery (CSRF) vulnerability in wptasker WP Discord Post Plus – ... Moderate Unreviewed
CVE-2025-49896 was published Aug 20, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Dourou Cookie Warning allows Cross Site... Moderate Unreviewed
CVE-2025-49426 was published Aug 20, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Fetch Designs Sign-up Sheets allows Cross Site... Moderate Unreviewed
CVE-2025-49391 was published Aug 20, 2025
Liferay Portal CSRF Vulnerability via Endpoint Parameter Moderate
CVE-2025-43745 was published for com.liferay.portal:release.portal.bom (Maven) Aug 19, 2025
The Linux Promotional Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed
CVE-2025-7668 was published Aug 16, 2025
The Last.fm Recent Album Artwork plugin for WordPress is vulnerable to Cross-Site Request Forgery... Moderate Unreviewed
CVE-2025-7684 was published Aug 16, 2025
The LatestCheckins plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2025-7683 was published Aug 16, 2025
The weichuncai(WP伪春菜) plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2025-7686 was published Aug 16, 2025
The Add User Meta plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2025-7688 was published Aug 15, 2025
A vulnerability has been found in mtons mblog up to 3.5.0. Affected by this issue is some unknown... Moderate Unreviewed
CVE-2025-8992 was published Aug 15, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Laborator Kalium allows Cross Site Request... Moderate Unreviewed
CVE-2025-53347 was published Aug 14, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Shahjada WPDM – Premium Packages allows Cross... Moderate Unreviewed
CVE-2025-54732 was published Aug 14, 2025
Cross-Site Request Forgery (CSRF) vulnerability in hakeemnala Build App Online allows Cross Site... Moderate Unreviewed
CVE-2025-53249 was published Aug 14, 2025
Cross-Site Request Forgery (CSRF) vulnerability in CreativeMindsSolutions CM On Demand Search And... Moderate Unreviewed
CVE-2025-54728 was published Aug 14, 2025
Cross-Site Request Forgery (CSRF) vulnerability in pl4g4 WP-Database-Optimizer-Tools allows Cross... Moderate Unreviewed
CVE-2025-53219 was published Aug 14, 2025
Cross-Site Request Forgery (CSRF) vulnerability in lisensee NetInsight Analytics Implementation... Moderate Unreviewed
CVE-2025-52767 was published Aug 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database