Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

7,977 advisories

Loading
A vulnerability classified as problematic has been found in code-projects Simple Car Rental... Moderate Unreviewed
CVE-2025-8335 was published Jul 31, 2025
In JetBrains TeamCity before 2025.07 a CSRF was possible in GitHub App connection flow Moderate Unreviewed
CVE-2025-54528 was published Jul 28, 2025
In JetBrains TeamCity before 2025.07 a CSRF was possible on GraphQL endpoint Moderate Unreviewed
CVE-2025-54536 was published Jul 28, 2025
In JetBrains TeamCity before 2025.07 a CSRF was possible in external OAuth login integration Low Unreviewed
CVE-2025-54529 was published Jul 28, 2025
A vulnerability, which was classified as problematic, was found in jerryshensjf JPACookieShop... Moderate Unreviewed
CVE-2025-8223 was published Jul 27, 2025
The Memory Usage plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... Moderate Unreviewed
CVE-2025-8104 was published Jul 27, 2025
The WPeMatico RSS Feed Fetcher plugin for WordPress is vulnerable to Cross-Site Request Forgery... Moderate Unreviewed
CVE-2025-8103 was published Jul 26, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Simplehelp.This issue affects Simplehelp:... Moderate Unreviewed
CVE-2025-36728 was published Jul 25, 2025
The Affiliate Plus plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2025-7690 was published Jul 25, 2025
The iThoughts Advanced Code Editor plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed
CVE-2025-7835 was published Jul 25, 2025
The Omnishop plugin for WordPress is vulnerable to Cross-Site Request Forgery on its /users... Moderate Unreviewed
CVE-2025-6214 was published Jul 23, 2025
The YANewsflash plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... Moderate Unreviewed
CVE-2025-6054 was published Jul 23, 2025
The Like & Share My Site plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2025-7685 was published Jul 22, 2025
The Latest Post Accordian Slider plugin for WordPress is vulnerable to Cross-Site Request Forgery... Moderate Unreviewed
CVE-2025-7687 was published Jul 22, 2025
The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Cross-Site... Moderate Unreviewed
CVE-2025-7369 was published Jul 21, 2025
A vulnerability, which was classified as problematic, was found in PHPGurukul Complaint... Moderate Unreviewed
CVE-2025-7834 was published Jul 19, 2025
The Avishi WP PayPal Payment Button plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed
CVE-2025-7669 was published Jul 19, 2025
StudentManage v1.0 was discovered to contain Cross-Site Request Forgery (CSRF). Moderate Unreviewed
CVE-2025-50586 was published Jul 18, 2025
The Copymatic – AI Content Writer & Generator plugin for WordPress is vulnerable to Cross-Site... Moderate Unreviewed
CVE-2025-6781 was published Jul 18, 2025
The Zuppler Online Ordering plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed
CVE-2025-6053 was published Jul 18, 2025
A vulnerability classified as problematic has been found in code-projects E-Commerce Site 1.0.... Moderate Unreviewed
CVE-2025-7756 was published Jul 17, 2025
Cross-Site Request Forgery (CSRF) vulnerability in xfinitysoft WP Post Hide allows Cross Site... Moderate Unreviewed
CVE-2025-54042 was published Jul 16, 2025
Cross-Site Request Forgery (CSRF) vulnerability in WP Swings Wallet System for WooCommerce allows... Moderate Unreviewed
CVE-2025-54041 was published Jul 16, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Webba Appointment Booking Webba Booking allows... Moderate Unreviewed
CVE-2025-54036 was published Jul 16, 2025
Cross-Site Request Forgery (CSRF) vulnerability in BlocksWP Theme Builder For Elementor allows... Moderate Unreviewed
CVE-2025-54033 was published Jul 16, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database