GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,835
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,926
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39

Unreviewed advisories

All unreviewed 269,172

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

4,360 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Side Slide Responsive Menu plugin for WordPress is vulnerable to Cross-Site Request Forgery... Moderate Unreviewed

CVE-2025-9880 was published Sep 12, 2025

The Ultimate Blogroll plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2025-9881 was published Sep 12, 2025

The Plugin updates blocker plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed

CVE-2025-9634 was published Sep 11, 2025

The PhpList Subber plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2025-9632 was published Sep 11, 2025

The Analytics Reduce Bounce Rate plugin for WordPress is vulnerable to Cross-Site Request Forgery... Moderate Unreviewed

CVE-2025-9635 was published Sep 11, 2025

The LH Signing plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... Moderate Unreviewed

CVE-2025-9633 was published Sep 11, 2025

The Blog Designer For Elementor – Post Slider, Post Carousel, Post Grid plugin for WordPress is... Moderate Unreviewed

CVE-2025-8481 was published Sep 11, 2025

The Run Log plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up... Moderate Unreviewed

CVE-2025-9627 was published Sep 11, 2025

The Seo Monster plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... Moderate Unreviewed

CVE-2025-9620 was published Sep 11, 2025

The AutoCatSet plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... Moderate Unreviewed

CVE-2025-9631 was published Sep 11, 2025

The Admin in English with Switch plugin for WordPress is vulnerable to Cross-Site Request Forgery... Moderate Unreviewed

CVE-2025-9623 was published Sep 11, 2025

The The integration of the AMO.CRM plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed

CVE-2025-9628 was published Sep 11, 2025

The Publish approval plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2025-9617 was published Sep 11, 2025

The Zoho Flow plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to,... Moderate Unreviewed

CVE-2025-8479 was published Sep 11, 2025

The WP Blast | SEO & Performance Booster plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed

CVE-2025-9622 was published Sep 10, 2025

The Maspik – Ultimate Spam Protection plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed

CVE-2025-9888 was published Sep 10, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Helmut Wandl Advanced Settings allows Cross... Moderate Unreviewed

CVE-2025-58975 was published Sep 9, 2025

CSRF in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6,... Moderate Unreviewed

CVE-2025-8711 was published Sep 9, 2025

Due to insufficient CSRF protection in SAP Fiori App Manage Work Center Groups, an authenticated... Moderate Unreviewed

CVE-2025-42923 was published Sep 9, 2025

Cross-Site Request Forgery (CSRF) vulnerability in fullworks Quick Paypal Payments allows Cross... Moderate Unreviewed

CVE-2025-27003 was published Sep 5, 2025

Cross-Site Request Forgery (CSRF) vulnerability in usamafarooq Woocommerce Gifts Product allows... Moderate Unreviewed

CVE-2025-58878 was published Sep 5, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Simasicher SimaCookie allows Stored XSS. This... Moderate Unreviewed

CVE-2025-58869 was published Sep 5, 2025

Cross-Site Request Forgery (CSRF) vulnerability in reimund Compact Admin allows Cross Site... Moderate Unreviewed

CVE-2025-58865 was published Sep 5, 2025

Cross-Site Request Forgery (CSRF) vulnerability in ablancodev Woocommerce Notify Updated Product... Moderate Unreviewed

CVE-2025-58856 was published Sep 5, 2025

Cross-Site Request Forgery (CSRF) vulnerability in themelocation Custom WooCommerce Checkout... Moderate Unreviewed

CVE-2025-58799 was published Sep 5, 2025

Previous1…175 Next

Previous 1 2 3 4 5 … 174 175 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

4,360 advisories