GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,513
Composer 4,968
Erlang 39
GitHub Actions 38
Go 2,617
Maven 6,100
npm 4,255
NuGet 760
pip 4,040
Pub 12
RubyGems 953
Rust 1,050
Swift 45

Unreviewed advisories

All unreviewed 275,919

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

130,737 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More plugin... Moderate Unreviewed

CVE-2025-12045 was published Nov 4, 2025

The WP Carticon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-12065 was published Nov 4, 2025

The Ai Auto Tool Content Writing Assistant (Gemini Writer, ChatGPT ) All in One plugin for... Moderate Unreviewed

CVE-2025-12156 was published Nov 4, 2025

The Nari Accountant plugin for WordPress is vulnerable to Stored Cross-Site Scripting via account... Moderate Unreviewed

CVE-2025-12371 was published Nov 4, 2025

The Extensions for Leaflet Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2025-12369 was published Nov 4, 2025

The DominoKit plugin for WordPress is vulnerable to unauthorized access due to a missing... Moderate Unreviewed

CVE-2025-12350 was published Nov 4, 2025

The Import Export For WooCommerce plugin for WordPress is vulnerable to unauthorized modification... Moderate Unreviewed

CVE-2025-12389 was published Nov 4, 2025

The LinkedIn Resume plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2025-12402 was published Nov 4, 2025

The Posts Navigation Links for Sections and Headings – Free by WP Masters plugin for WordPress is... Moderate Unreviewed

CVE-2025-12188 was published Nov 4, 2025

The Free Quotation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin... Moderate Unreviewed

CVE-2025-12393 was published Nov 4, 2025

The Associados Amazon Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed

CVE-2025-12403 was published Nov 4, 2025

The LMB^Box Smileys plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2025-12400 was published Nov 4, 2025

The Top Bar Notification plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2025-12412 was published Nov 4, 2025

The clubmember plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin... Moderate Unreviewed

CVE-2025-12396 was published Nov 4, 2025

The SH Contextual Help plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2025-12410 was published Nov 4, 2025

The MapMap plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to... Moderate Unreviewed

CVE-2025-12415 was published Nov 4, 2025

The Visit Counter plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 1.0... Moderate Unreviewed

CVE-2025-12452 was published Nov 4, 2025

The Centangle-Team plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2025-12456 was published Nov 4, 2025

The Social Media WPCF7 Stop Words plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed

CVE-2025-12413 was published Nov 4, 2025

The Pagerank Tools plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Cross... Moderate Unreviewed

CVE-2025-12416 was published Nov 4, 2025

Information disclosure while registering commands from clients with diag through diagHal. Moderate Unreviewed

CVE-2025-27064 was published Nov 4, 2025

Transient DOS when a remote device sends an invalid connection request during BT connectable LE... Moderate Unreviewed

CVE-2025-47370 was published Nov 4, 2025

The Reuse Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-11812 was published Nov 4, 2025

Information disclosure while processing message from client with invalid payload. Moderate Unreviewed

CVE-2025-47362 was published Nov 4, 2025

The ViaAds plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to... Moderate Unreviewed

CVE-2025-12070 was published Nov 4, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

130,737 advisories