GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,194
Composer 4,342
Erlang 31
GitHub Actions 22
Go 2,106
Maven 5,281
npm 3,764
NuGet 679
pip 3,451
Pub 12
RubyGems 892
Rust 886
Swift 37

Unreviewed advisories

All unreviewed 243,149

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

6,724 advisories

Filter by severity

Sort by

Least recently updated

Cross-Site Request Forgery (CSRF) vulnerability in Alessandro Piconi - SabLab Internal Link... High Unreviewed

CVE-2025-23989 was published Jan 31, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Mahbubur Rahman Post Meta allows Reflected XSS... High Unreviewed

CVE-2025-24549 was published Jan 31, 2025

Cross-Site Request Forgery (CSRF) vulnerability in jablonczay Scroll Styler. This issue affects... High Unreviewed

CVE-2025-23990 was published Jan 31, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Overt Software Solutions LTD EZPZ SAML SP... High Unreviewed

CVE-2025-24749 was published Jan 31, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Ninos Ego FlashCounter allows Stored XSS. This... High Unreviewed

CVE-2025-23978 was published Jan 31, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Brainvireinfo Dynamic URL SEO allows Cross... Moderate Unreviewed

CVE-2025-23985 was published Jan 31, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Bhaskar Dhote Post Carousel Slider allows... High Unreviewed

CVE-2025-23977 was published Jan 31, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Pedro Marcelo Issuu Panel allows Stored XSS.... High Unreviewed

CVE-2025-23976 was published Jan 31, 2025

Cross-Site Request Forgery (CSRF) vulnerability in James Andrews Full Circle allows Stored XSS.... High Unreviewed

CVE-2025-23980 was published Jan 31, 2025

An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.6 prior to... Moderate Unreviewed

CVE-2024-1211 was published Jan 31, 2025

The WP Image Uploader plugin for WordPress is vulnerable to arbitrary file deletion due to... High Unreviewed

CVE-2024-13720 was published Jan 30, 2025

The WP Image Uploader plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... High Unreviewed

CVE-2024-13707 was published Jan 30, 2025

The Wonder FontAwesome plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2024-13512 was published Jan 30, 2025

The CP Contact Form with PayPal plugin for WordPress is vulnerable to Cross-Site Request Forgery... Moderate Unreviewed

CVE-2024-13758 was published Jan 30, 2025

Teedy <= 1.12 is vulnerable to Cross Site Request Forgery (CSRF), due to the lack of CSRF... High Unreviewed

CVE-2024-54851 was published Jan 30, 2025

The MailUp Auto Subscription plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed

CVE-2024-13521 was published Jan 28, 2025

Cross Site Request Forgery vulnerability in LifestyleStore v.1.0 allows a remote attacker to... High Unreviewed

CVE-2024-57373 was published Jan 28, 2025

In Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06, the request /goform/fromSetDDNS does... High Unreviewed

CVE-2024-48418 was published Jan 27, 2025

Cross-Site Request Forgery (CSRF) vulnerability in SeedProd Coming Soon Page, Under Construction ... Moderate Unreviewed

CVE-2025-24540 was published Jan 27, 2025

Cross-Site Request Forgery (CSRF) vulnerability in WP Go Maps (formerly WP Google Maps) WP Go... Moderate Unreviewed

CVE-2025-24742 was published Jan 27, 2025

Cross-Site Request Forgery (CSRF) vulnerability in slaFFik BuddyPress Groups Extras allows Cross... Moderate Unreviewed

CVE-2025-24538 was published Jan 27, 2025

Cross-Site Request Forgery (CSRF) vulnerability in The Events Calendar The Events Calendar allows... Moderate Unreviewed

CVE-2025-24537 was published Jan 27, 2025

Cross-Site Request Forgery (CSRF) vulnerability in MetaSlider Responsive Slider by MetaSlider... Moderate Unreviewed

CVE-2025-24533 was published Jan 27, 2025

The WP Customer Area WordPress plugin through 8.2.4 does not have CSRF check in place when... Moderate Unreviewed

CVE-2024-12280 was published Jan 27, 2025

The VikBooking Hotel Booking Engine & PMS plugin for WordPress is vulnerable to Cross-Site... High Unreviewed

CVE-2024-11641 was published Jan 26, 2025

Previous 1 2 3 4 5 … 268 269 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

6,724 advisories