GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,835
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,926
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39

Unreviewed advisories

All unreviewed 269,189

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

7,976 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Cross-Site Request Forgery (CSRF) vulnerability in web-able BetPress allows Stored XSS. This... High Unreviewed

CVE-2025-48309 was published Aug 28, 2025

Cross-Site Request Forgery (CSRF) vulnerability in nonletter Newsletter subscription optin module... High Unreviewed

CVE-2025-48308 was published Aug 28, 2025

Cross-Site Request Forgery (CSRF) vulnerability in shen2 多说社会化评论框 allows Cross Site Request... Moderate Unreviewed

CVE-2025-48318 was published Aug 28, 2025

Cross-Site Request Forgery (CSRF) vulnerability in OffClicks Invisible Optin allows Stored XSS.... High Unreviewed

CVE-2025-48311 was published Aug 28, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Theme Century Century ToolKit allows Cross... Moderate Unreviewed

CVE-2025-48357 was published Aug 28, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Xavier Media XM-Backup allows Stored XSS. This... High Unreviewed

CVE-2025-48109 was published Aug 28, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Metin Saraç Popup for CF7 with Sweet Alert... Moderate Unreviewed

CVE-2025-48363 was published Aug 28, 2025

Cross-Site Request Forgery (CSRF) vulnerability in thaihavnn07 ATT YouTube Widget allows Stored... High Unreviewed

CVE-2025-48359 was published Aug 28, 2025

Cross-Site Request Forgery (CSRF) vulnerability in dactum Clickbank WordPress Plugin (Niche... High Unreviewed

CVE-2025-48353 was published Aug 28, 2025

The Ultimate Tag Warrior Importer plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed

CVE-2025-9374 was published Aug 29, 2025

github.com/gorilla/csrf improperly validates TrustedOrigins allowing CSRF attacks Moderate

CVE-2025-47909 was published for github.com/gorilla/csrf (Go) Aug 29, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Microchip TimeProvider 4100 allows Cross Site... High Unreviewed

CVE-2024-43684 was published Oct 4, 2024

The Related Posts Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2025-9618 was published Aug 30, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Tickera Tickera allows Cross Site Request... Moderate Unreviewed

CVE-2025-58611 was published Sep 3, 2025

The PopAd plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to,... Moderate Unreviewed

CVE-2025-9616 was published Sep 4, 2025

Cross-Site Request Forgery (CSRF) vulnerability in WP Corner Quick Event Calendar allows Stored... High Unreviewed

CVE-2025-58861 was published Sep 5, 2025

Cross-Site Request Forgery (CSRF) vulnerability in WPKube Authors List allows Cross Site Request... Moderate Unreviewed

CVE-2025-58792 was published Sep 5, 2025

Cross-Site Request Forgery (CSRF) vulnerability in themelocation Custom WooCommerce Checkout... Moderate Unreviewed

CVE-2025-58799 was published Sep 5, 2025

Cross-Site Request Forgery (CSRF) vulnerability in rainafarai Notification for Telegram allows... Moderate Unreviewed

CVE-2025-58794 was published Sep 5, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Bjorn Manintveld BCM Duplicate Menu allows... Moderate Unreviewed

CVE-2025-58798 was published Sep 5, 2025

Cross-Site Request Forgery (CSRF) vulnerability in michalzagdan TrustMate.io – WooCommerce... Moderate Unreviewed

CVE-2025-58802 was published Sep 5, 2025

Cross-Site Request Forgery (CSRF) vulnerability in KCS Responder allows Cross Site Request... Moderate Unreviewed

CVE-2025-58801 was published Sep 5, 2025

Cross-Site Request Forgery (CSRF) vulnerability in imjoehaines WordPress Error Monitoring by... High Unreviewed

CVE-2025-58806 was published Sep 5, 2025

Cross-Site Request Forgery (CSRF) vulnerability in brijrajs WooCommerce Single Page Checkout... Moderate Unreviewed

CVE-2025-58804 was published Sep 5, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Steve Truman WP Email Template allows Cross... Moderate Unreviewed

CVE-2025-58800 was published Sep 5, 2025

Previous 1…317…320 Next

Previous 1 2 … 315 316 317 318 319 320 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

7,976 advisories