Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

7,976 advisories

Loading
The OceanWP theme for WordPress is vulnerable to Cross-Site Request Forgery in versions 4.0.9 to... Moderate Unreviewed
CVE-2025-8891 was published Aug 13, 2025
Cross Site Request Forgery (CSRF) vulnerability in old-peanut Open-Shop (aka old-peanut... High Unreviewed
CVE-2025-50902 was published Aug 20, 2025
The Inspiro theme for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to... High Unreviewed
CVE-2025-8592 was published Aug 21, 2025
Liferay Portal Vulnerable to Cross-Site Request Forgery High
CVE-2025-43748 was published for com.liferay.portal:release.portal.bom (Maven) Aug 20, 2025
Liferay Portal CSRF Vulnerability via Endpoint Parameter Moderate
CVE-2025-43745 was published for com.liferay.portal:release.portal.bom (Maven) Aug 19, 2025
The Easy Digital Downloads plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed
CVE-2025-8102 was published Aug 20, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Realtyna Realtyna Organic IDX plugin allows... High Unreviewed
CVE-2025-54052 was published Aug 20, 2025
Cross-Site Request Forgery (CSRF) vulnerability in wptasker WP Discord Post Plus – ... Moderate Unreviewed
CVE-2025-49896 was published Aug 20, 2025
Cross-Site Request Forgery (CSRF) vulnerability in ads.txt Guru ads.txt Guru Connect allows Cross... Critical Unreviewed
CVE-2025-49381 was published Aug 20, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Fetch Designs Sign-up Sheets allows Cross Site... Moderate Unreviewed
CVE-2025-49391 was published Aug 20, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Basix NEX-Forms allows Cross Site Request... High Unreviewed
CVE-2025-49399 was published Aug 20, 2025
Cross-Site Request Forgery (CSRF) vulnerability in DexignZone JobZilla - Job Board WordPress... High Unreviewed
CVE-2025-49382 was published Aug 20, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Dourou Cookie Warning allows Cross Site... Moderate Unreviewed
CVE-2025-49426 was published Aug 20, 2025
The Last.fm Recent Album Artwork plugin for WordPress is vulnerable to Cross-Site Request Forgery... Moderate Unreviewed
CVE-2025-7684 was published Aug 16, 2025
The LatestCheckins plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2025-7683 was published Aug 16, 2025
The Linux Promotional Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed
CVE-2025-7668 was published Aug 16, 2025
The weichuncai(WP伪春菜) plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2025-7686 was published Aug 16, 2025
Cross-Site Request Forgery (CSRF) vulnerability in iThemes ServerBuddy by PluginBuddy.Com allows... High Unreviewed
CVE-2025-49895 was published Aug 16, 2025
The SecuPress Free — WordPress Security plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed
CVE-2024-1504 was published Apr 2, 2024
The Add User Meta plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2025-7688 was published Aug 15, 2025
A vulnerability has been found in mtons mblog up to 3.5.0. Affected by this issue is some unknown... Moderate Unreviewed
CVE-2025-8992 was published Aug 15, 2025
Cross-Site Request Forgery (CSRF) vulnerability in ApusTheme Findgo allows Cross Site Request... High Unreviewed
CVE-2025-53587 was published Aug 14, 2025
Cross-Site Request Forgery (CSRF) vulnerability in hakeemnala Build App Online allows Cross Site... Moderate Unreviewed
CVE-2025-53249 was published Aug 14, 2025
Cross-Site Request Forgery (CSRF) vulnerability in CreativeMindsSolutions CM On Demand Search And... Moderate Unreviewed
CVE-2025-54728 was published Aug 14, 2025
Cross-Site Request Forgery (CSRF) vulnerability in pl4g4 WP-Database-Optimizer-Tools allows Cross... Moderate Unreviewed
CVE-2025-53219 was published Aug 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database