GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,835
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,926
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39

Unreviewed advisories

All unreviewed 269,159

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

32,143 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The 3D FlipBook plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘Ready... Moderate Unreviewed

CVE-2023-6776 was published Jan 11, 2024

The Chatbot for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2023-5691 was published Jan 11, 2024

The Ibtana – WordPress Website Builder plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2023-6684 was published Jan 11, 2024

The Enable Media Replace plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via... Moderate Unreviewed

CVE-2023-6737 was published Jan 11, 2024

The Import and export users and customers plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2023-6624 was published Jan 11, 2024

The Post Grid Combo – 36+ Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed

CVE-2023-6645 was published Jan 11, 2024

The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2023-6556 was published Jan 11, 2024

The Happy Addons for Elementor plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed

CVE-2023-6632 was published Jan 11, 2024

The Featured Image from URL (FIFU) plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2023-6561 was published Jan 11, 2024

The WCFM Marketplace plugin for WordPress is vulnerable to Stored Cross-Site Scripting via ... Moderate Unreviewed

CVE-2023-4960 was published Jan 11, 2024

The LiteSpeed Cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2023-4372 was published Jan 11, 2024

The Calculated Fields Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2023-6446 was published Jan 11, 2024

The Video PopUp plugin for WordPress is vulnerable to Stored Cross-Site Scripting via ... Moderate Unreviewed

CVE-2023-4962 was published Jan 11, 2024

member/index/register.html in YzmCMS 6.5 through 7.0 allows XSS via the Referer HTTP header. Moderate Unreviewed

CVE-2023-52274 was published Jan 11, 2024

Cross Site Scripting Vulnerability in Elite CRM v1.2.11 allows attacker to execute arbitrary code... Moderate Unreviewed

CVE-2022-40361 was published Jan 11, 2024

The vulnerability allows a remote attacker to inject and execute arbitrary client-side script... Moderate Unreviewed

CVE-2023-48254 was published Jan 10, 2024

The vulnerability allows an unauthenticated remote attacker to send malicious network requests... Moderate Unreviewed

CVE-2023-48255 was published Jan 10, 2024

A content-security-policy vulnerability in ENS Control browser extension prior to 10.7.0 Update... Moderate Unreviewed

CVE-2024-0310 was published Jan 10, 2024

The vulnerability allows an authenticated remote attacker to upload a malicious file to the SD... Moderate Unreviewed

CVE-2023-48248 was published Jan 10, 2024

The vulnerability allows a remote attacker to inject and execute arbitrary client-side script... Moderate Unreviewed

CVE-2023-48244 was published Jan 10, 2024

There is a Cross-site scripting (XSS) vulnerability in ZTE MF258. Due to insufficient input... Moderate Unreviewed

CVE-2023-41781 was published Jan 10, 2024

PublicCMS 4.0 is vulnerable to Cross Site Scripting (XSS). Because files can be uploaded and... Moderate Unreviewed

CVE-2023-51252 was published Jan 10, 2024

A Cross-Site Scripting (XSS) vulnerability was discovered in Hospital Management System V4.0... Moderate Unreviewed

CVE-2020-26628 was published Jan 10, 2024

Cross Site Scripting (XSS) vulnerability in JFinalcms 5.0.0 allows attackers to run arbitrary... Moderate Unreviewed

CVE-2023-50136 was published Jan 10, 2024

A vulnerability has been found in CodeAstro Vehicle Booking System 1.0 and classified as... Moderate Unreviewed

CVE-2024-0346 was published Jan 10, 2024

Previous 1…400Next

Previous 1 2 … 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

32,143 advisories