GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,194
Composer 4,342
Erlang 31
GitHub Actions 22
Go 2,106
Maven 5,281
npm 3,764
NuGet 679
pip 3,451
Pub 12
RubyGems 892
Rust 886
Swift 37

Unreviewed advisories

All unreviewed 243,078

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

6,715 advisories

Filter by severity

Sort by

Least recently updated

An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.6 prior to... Moderate Unreviewed

CVE-2024-1211 was published Jan 31, 2025

The WP Image Uploader plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... High Unreviewed

CVE-2024-13707 was published Jan 30, 2025

The WP Image Uploader plugin for WordPress is vulnerable to arbitrary file deletion due to... High Unreviewed

CVE-2024-13720 was published Jan 30, 2025

The Wonder FontAwesome plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2024-13512 was published Jan 30, 2025

The CP Contact Form with PayPal plugin for WordPress is vulnerable to Cross-Site Request Forgery... Moderate Unreviewed

CVE-2024-13758 was published Jan 30, 2025

Teedy <= 1.12 is vulnerable to Cross Site Request Forgery (CSRF), due to the lack of CSRF... High Unreviewed

CVE-2024-54851 was published Jan 30, 2025

The MailUp Auto Subscription plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed

CVE-2024-13521 was published Jan 28, 2025

Cross Site Request Forgery vulnerability in LifestyleStore v.1.0 allows a remote attacker to... High Unreviewed

CVE-2024-57373 was published Jan 28, 2025

In Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06, the request /goform/fromSetDDNS does... High Unreviewed

CVE-2024-48418 was published Jan 27, 2025

Cross-Site Request Forgery (CSRF) vulnerability in SeedProd Coming Soon Page, Under Construction ... Moderate Unreviewed

CVE-2025-24540 was published Jan 27, 2025

Cross-Site Request Forgery (CSRF) vulnerability in WP Go Maps (formerly WP Google Maps) WP Go... Moderate Unreviewed

CVE-2025-24742 was published Jan 27, 2025

Cross-Site Request Forgery (CSRF) vulnerability in slaFFik BuddyPress Groups Extras allows Cross... Moderate Unreviewed

CVE-2025-24538 was published Jan 27, 2025

Cross-Site Request Forgery (CSRF) vulnerability in The Events Calendar The Events Calendar allows... Moderate Unreviewed

CVE-2025-24537 was published Jan 27, 2025

Cross-Site Request Forgery (CSRF) vulnerability in MetaSlider Responsive Slider by MetaSlider... Moderate Unreviewed

CVE-2025-24533 was published Jan 27, 2025

The WP Customer Area WordPress plugin through 8.2.4 does not have CSRF check in place when... Moderate Unreviewed

CVE-2024-12280 was published Jan 27, 2025

The VikBooking Hotel Booking Engine & PMS plugin for WordPress is vulnerable to Cross-Site... High Unreviewed

CVE-2024-11641 was published Jan 26, 2025

The Linear plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to... Moderate Unreviewed

CVE-2024-13709 was published Jan 25, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Popup Box allows Cross Site... Moderate Unreviewed

CVE-2025-24711 was published Jan 24, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Counter Box allows Cross Site... Moderate Unreviewed

CVE-2025-24715 was published Jan 24, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Button Generator – easily Button... Moderate Unreviewed

CVE-2025-24713 was published Jan 24, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Herd Effects allows Cross Site... Moderate Unreviewed

CVE-2025-24716 was published Jan 24, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Bubble Menu – circle floating menu... Moderate Unreviewed

CVE-2025-24714 was published Jan 24, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Sticky Buttons allows Cross Site... Moderate Unreviewed

CVE-2025-24720 was published Jan 24, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Modal Window allows Cross Site... Moderate Unreviewed

CVE-2025-24717 was published Jan 24, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Side Menu Lite allows Cross Site... Moderate Unreviewed

CVE-2025-24724 was published Jan 24, 2025

Previous 1 2 3 4 5 … 268 269 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

6,715 advisories