Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

7,976 advisories

Loading
The Side Slide Responsive Menu plugin for WordPress is vulnerable to Cross-Site Request Forgery... Moderate Unreviewed
CVE-2025-9880 was published Sep 12, 2025
The Ultimate Blogroll plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2025-9881 was published Sep 12, 2025
The Plugin updates blocker plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed
CVE-2025-9634 was published Sep 11, 2025
The PhpList Subber plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2025-9632 was published Sep 11, 2025
The Analytics Reduce Bounce Rate plugin for WordPress is vulnerable to Cross-Site Request Forgery... Moderate Unreviewed
CVE-2025-9635 was published Sep 11, 2025
The LH Signing plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... Moderate Unreviewed
CVE-2025-9633 was published Sep 11, 2025
The Blog Designer For Elementor – Post Slider, Post Carousel, Post Grid plugin for WordPress is... Moderate Unreviewed
CVE-2025-8481 was published Sep 11, 2025
The Run Log plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up... Moderate Unreviewed
CVE-2025-9627 was published Sep 11, 2025
The Seo Monster plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... Moderate Unreviewed
CVE-2025-9620 was published Sep 11, 2025
The AutoCatSet plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... Moderate Unreviewed
CVE-2025-9631 was published Sep 11, 2025
The Admin in English with Switch plugin for WordPress is vulnerable to Cross-Site Request Forgery... Moderate Unreviewed
CVE-2025-9623 was published Sep 11, 2025
The The integration of the AMO.CRM plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed
CVE-2025-9628 was published Sep 11, 2025
The Publish approval plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2025-9617 was published Sep 11, 2025
The Zoho Flow plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to,... Moderate Unreviewed
CVE-2025-8479 was published Sep 11, 2025
A vulnerability in the web-based management interface of Cisco Unified Communications Manager ... High Unreviewed
CVE-2025-20326 was published Sep 10, 2025
The WP Blast | SEO & Performance Booster plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed
CVE-2025-9622 was published Sep 10, 2025
The Maspik – Ultimate Spam Protection plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed
CVE-2025-9888 was published Sep 10, 2025
Dreamweaver Desktop versions 21.5 and earlier are affected by a Cross-Site Request Forgery (CSRF)... High Unreviewed
CVE-2025-54256 was published Sep 9, 2025
listmonk: CSRF to XSS Chain can Lead to Admin Account Takeover High
CVE-2025-58430 was published for github.com/knadh/listmonk (Go) Sep 9, 2025
r3verii
Cross-Site Request Forgery (CSRF) vulnerability in Cristiano Zanca WooCommerce Booking Bundle... High Unreviewed
CVE-2025-58991 was published Sep 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Frenify Mow allows Code Injection. This issue... Critical Unreviewed
CVE-2025-58997 was published Sep 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Helmut Wandl Advanced Settings allows Cross... Moderate Unreviewed
CVE-2025-58975 was published Sep 9, 2025
CSRF in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6,... High Unreviewed
CVE-2025-55147 was published Sep 9, 2025
CSRF in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6,... Moderate Unreviewed
CVE-2025-8711 was published Sep 9, 2025
Due to insufficient CSRF protection in SAP Fiori App Manage Work Center Groups, an authenticated... Moderate Unreviewed
CVE-2025-42923 was published Sep 9, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database