Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,356
Erlang
33
GitHub Actions
22
Go
2,121
Maven
5,000+
npm
3,783
NuGet
683
pip
3,465
Pub
12
RubyGems
893
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+

3,632 advisories

Loading
The Houzez Property Feed plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2025-0808 was published Feb 12, 2025
Cross-Site Request Forgery (CSRF) vulnerability in MailMunch MailChimp Forms by MailMunch.This... Moderate Unreviewed
CVE-2024-31378 was published Apr 15, 2024
Cross-Site Request Forgery (CSRF) vulnerability in SysBasics Customize My Account for WooCommerce... Moderate Unreviewed
CVE-2023-51369 was published Mar 15, 2024
Aten PE8108 2.4.232 is vulnerable to Cross Site Request Forgery (CSRF). Moderate Unreviewed
CVE-2023-25411 was published Apr 11, 2023
SAP Commerce, by default, sets certain cookies with the SameSite attribute configured to None ... Moderate Unreviewed
CVE-2025-24875 was published Feb 11, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Zaytech Smart Online Order for Clover.This... Moderate Unreviewed
CVE-2024-31238 was published Apr 12, 2024
Magento cross-site request forgery (CSRF) vulnerability via the GraphQL API Moderate
CVE-2021-21027 was published for magento/community-edition (Composer) May 24, 2022
A vulnerability, which was classified as problematic, was found in SourceCodester Simple... Moderate Unreviewed
CVE-2024-5097 was published May 19, 2024
The Gestpay for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed
CVE-2024-0433 was published Feb 28, 2024
The Gestpay for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed
CVE-2024-0432 was published Feb 28, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs Paid Member Subscriptions.This... Moderate Unreviewed
CVE-2023-51522 was published Mar 15, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Themify Themify Builder.This issue affects... Moderate Unreviewed
CVE-2024-24872 was published Feb 21, 2024
The WP All Import Pro plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2024-9661 was published Feb 7, 2025
The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Cross-Site... Moderate Unreviewed
CVE-2024-1446 was published May 22, 2024
Cross-Site Request Forgery (CSRF) vulnerability in jordan.hatch Infusionsoft Analytics allows... Moderate Unreviewed
CVE-2025-25145 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in ibasit GlobalQuran allows Cross Site Request... Moderate Unreviewed
CVE-2025-25143 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in saleandro Songkick Concerts and Festivals... Moderate Unreviewed
CVE-2025-25146 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in bnielsen Indeed API allows Cross Site Request... Moderate Unreviewed
CVE-2025-25103 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in paulswarthout Child Themes Helper allows Path... Moderate Unreviewed
CVE-2025-25093 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in WP Spell Check WP Spell Check allows Cross... Moderate Unreviewed
CVE-2025-25111 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Easy Digital Downloads.This issue affects Easy... Moderate Unreviewed
CVE-2024-31113 was published May 14, 2024
A cross-site request forgery (CSRF) vulnerability in the pjActionUpdate function of PHPJabbers... Moderate Unreviewed
CVE-2024-57429 was published Feb 6, 2025
A vulnerability, which was classified as problematic, has been found in Mindskip xzs-mysql... Moderate Unreviewed
CVE-2025-1084 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Metagauss ProfileGrid.This issue affects... Moderate Unreviewed
CVE-2024-31362 was published Apr 12, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Easy Digital Downloads.This issue affects Easy... Moderate Unreviewed
CVE-2024-31293 was published Apr 12, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database