Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

7,976 advisories

Loading
Cross-Site Request Forgery (CSRF) vulnerability in wptableeditor Table Editor allows Cross Site... Moderate Unreviewed
CVE-2025-48310 was published Aug 28, 2025
Cross-Site Request Forgery (CSRF) vulnerability in dyiosah Ultimate twitter profile widget allows... High Unreviewed
CVE-2025-48321 was published Aug 28, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Aaron Axelsen WPMU Ldap Authentication allows... High Unreviewed
CVE-2025-48343 was published Aug 28, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Saeed Sattar Beglou Hesabfa Accounting allows... Moderate Unreviewed
CVE-2025-48362 was published Aug 28, 2025
Cross-Site Request Forgery (CSRF) vulnerability in kasonzhao SEO For Images allows Stored XSS.... High Unreviewed
CVE-2025-48307 was published Aug 28, 2025
Cross-Site Request Forgery (CSRF) vulnerability in web-able BetPress allows Stored XSS. This... High Unreviewed
CVE-2025-48309 was published Aug 28, 2025
Cross-Site Request Forgery (CSRF) vulnerability in nonletter Newsletter subscription optin module... High Unreviewed
CVE-2025-48308 was published Aug 28, 2025
Cross-Site Request Forgery (CSRF) vulnerability in shen2 多说社会化评论框 allows Cross Site Request... Moderate Unreviewed
CVE-2025-48318 was published Aug 28, 2025
Cross-Site Request Forgery (CSRF) vulnerability in OffClicks Invisible Optin allows Stored XSS.... High Unreviewed
CVE-2025-48311 was published Aug 28, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Theme Century Century ToolKit allows Cross... Moderate Unreviewed
CVE-2025-48357 was published Aug 28, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Xavier Media XM-Backup allows Stored XSS. This... High Unreviewed
CVE-2025-48109 was published Aug 28, 2025
The Video Share VOD – Turnkey Video Site Builder Script plugin for WordPress is vulnerable to... High Unreviewed
CVE-2025-7812 was published Aug 28, 2025
The Bevy Event service through 2025-07-22, as used for eBay Seller Events and other activities,... Moderate Unreviewed
CVE-2025-54598 was published Aug 27, 2025
Cross-Site Request Forgery (CSRF) vulnerability in GeroNikolov Instant Breaking News allows... High Unreviewed
CVE-2025-58217 was published Aug 27, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Plugins and Snippets Simple Page Access... Moderate Unreviewed
CVE-2025-58202 was published Aug 27, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Backup Bolt allows Cross Site Request Forgery... Moderate Unreviewed
CVE-2025-49040 was published Aug 27, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Kevin Langley Jr. Post Type Converter allows... Moderate Unreviewed
CVE-2025-48303 was published Aug 25, 2025
The Sertifier Certificate & Badge Maker for WordPress – Tutor LMS plugin for WordPress is... Moderate Unreviewed
CVE-2025-7841 was published Aug 23, 2025
The Silencesoft RSS Reader plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed
CVE-2025-7842 was published Aug 23, 2025
The Restore Permanently delete Post or Page Data plugin for WordPress is vulnerable to Cross-Site... Moderate Unreviewed
CVE-2025-7839 was published Aug 23, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Epsiloncool WP Fast Total Search allows Cross... Moderate Unreviewed
CVE-2025-57893 was published Aug 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Jeff Starr Simple Statistics for Feeds allows... Moderate Unreviewed
CVE-2025-57892 was published Aug 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Hossni Mubarak JobWP allows Cross Site Request... Moderate Unreviewed
CVE-2025-57895 was published Aug 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Shahjahan Jewel Fluent Support allows Cross... Moderate Unreviewed
CVE-2025-57885 was published Aug 22, 2025
UnoPim vulnerable to CSRF on Product edit feature and creation of other types Moderate
CVE-2025-55744 was published for unopim/unopim (Composer) Aug 21, 2025
sn1p3rt3s7
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database