GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,264
Composer 4,811
Erlang 36
GitHub Actions 32
Go 2,396
Maven 5,780
npm 4,033
NuGet 721
pip 3,824
Pub 12
RubyGems 932
Rust 988
Swift 38

Unreviewed advisories

All unreviewed 263,956

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

7,822 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Memory Usage plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... Moderate Unreviewed

CVE-2025-8104 was published Jul 27, 2025

A vulnerability, which was classified as problematic, was found in jerryshensjf JPACookieShop... Moderate Unreviewed

CVE-2025-8223 was published Jul 27, 2025

The WPeMatico RSS Feed Fetcher plugin for WordPress is vulnerable to Cross-Site Request Forgery... Moderate Unreviewed

CVE-2025-8103 was published Jul 26, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Simplehelp.This issue affects Simplehelp:... Moderate Unreviewed

CVE-2025-36728 was published Jul 25, 2025

The Affiliate Plus plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2025-7690 was published Jul 25, 2025

The iThoughts Advanced Code Editor plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed

CVE-2025-7835 was published Jul 25, 2025

The YANewsflash plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... Moderate Unreviewed

CVE-2025-6054 was published Jul 23, 2025

The Omnishop plugin for WordPress is vulnerable to Cross-Site Request Forgery on its /users... Moderate Unreviewed

CVE-2025-6214 was published Jul 23, 2025

The Like & Share My Site plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2025-7685 was published Jul 22, 2025

The Latest Post Accordian Slider plugin for WordPress is vulnerable to Cross-Site Request Forgery... Moderate Unreviewed

CVE-2025-7687 was published Jul 22, 2025

The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Cross-Site... Moderate Unreviewed

CVE-2025-7369 was published Jul 21, 2025

A vulnerability, which was classified as problematic, was found in PHPGurukul Complaint... Moderate Unreviewed

CVE-2025-7834 was published Jul 19, 2025

The Avishi WP PayPal Payment Button plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed

CVE-2025-7669 was published Jul 19, 2025

StudentManage v1.0 was discovered to contain Cross-Site Request Forgery (CSRF). Moderate Unreviewed

CVE-2025-50586 was published Jul 18, 2025

The Copymatic – AI Content Writer & Generator plugin for WordPress is vulnerable to Cross-Site... Moderate Unreviewed

CVE-2025-6781 was published Jul 18, 2025

The Zuppler Online Ordering plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed

CVE-2025-6053 was published Jul 18, 2025

A vulnerability classified as problematic has been found in code-projects E-Commerce Site 1.0.... Moderate Unreviewed

CVE-2025-7756 was published Jul 17, 2025

Cross-Site Request Forgery (CSRF) vulnerability in xfinitysoft WP Post Hide allows Cross Site... Moderate Unreviewed

CVE-2025-54042 was published Jul 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in WP Swings Wallet System for WooCommerce allows... Moderate Unreviewed

CVE-2025-54041 was published Jul 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Software Newsletters allows Cross... Moderate Unreviewed

CVE-2025-54035 was published Jul 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Toast Plugins Animator allows Cross Site... Moderate Unreviewed

CVE-2025-54039 was published Jul 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Webba Appointment Booking Webba Booking allows... Moderate Unreviewed

CVE-2025-54036 was published Jul 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in GSheetConnector by WesternDeal WooCommerce... Moderate Unreviewed

CVE-2025-54030 was published Jul 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in jetmonsters Restaurant Menu by MotoPress... Moderate Unreviewed

CVE-2025-54038 was published Jul 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Elliot Sowersby / RelyWP Coupon Affiliates... Moderate Unreviewed

CVE-2025-54022 was published Jul 16, 2025

Previous 1 2 3 4 5 … 312 313 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

7,822 advisories