Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,350
Erlang
31
GitHub Actions
22
Go
2,119
Maven
5,000+
npm
3,778
NuGet
680
pip
3,459
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,269 advisories

Loading
The WP All Import Pro plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2024-9661 was published Feb 7, 2025
The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Cross-Site... Moderate Unreviewed
CVE-2024-1446 was published May 22, 2024
Cross-Site Request Forgery (CSRF) vulnerability in jordan.hatch Infusionsoft Analytics allows... Moderate Unreviewed
CVE-2025-25145 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in ibasit GlobalQuran allows Cross Site Request... Moderate Unreviewed
CVE-2025-25143 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in saleandro Songkick Concerts and Festivals... Moderate Unreviewed
CVE-2025-25146 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in WP Spell Check WP Spell Check allows Cross... Moderate Unreviewed
CVE-2025-25111 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in paulswarthout Child Themes Helper allows Path... Moderate Unreviewed
CVE-2025-25093 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in bnielsen Indeed API allows Cross Site Request... Moderate Unreviewed
CVE-2025-25103 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Easy Digital Downloads.This issue affects Easy... Moderate Unreviewed
CVE-2024-31113 was published May 14, 2024
A cross-site request forgery (CSRF) vulnerability in the pjActionUpdate function of PHPJabbers... Moderate Unreviewed
CVE-2024-57429 was published Feb 6, 2025
A vulnerability, which was classified as problematic, has been found in Mindskip xzs-mysql... Moderate Unreviewed
CVE-2025-1084 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Metagauss ProfileGrid.This issue affects... Moderate Unreviewed
CVE-2024-31362 was published Apr 12, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Easy Digital Downloads.This issue affects Easy... Moderate Unreviewed
CVE-2024-31293 was published Apr 12, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Themeisle Multiple Page Generator Plugin – MPG... Moderate Unreviewed
CVE-2024-31301 was published Apr 12, 2024
Cross Site Request Forgery (CSRF) in Users.php in SourceCodester Packers and Movers Management... Moderate Unreviewed
CVE-2024-57523 was published Feb 6, 2025
A vulnerability, which was classified as problematic, was found in Webkul QloApps 1.6.1. Affected... Moderate Unreviewed
CVE-2025-1074 was published Feb 6, 2025
The Colibri WP theme for WordPress is vulnerable to Cross-Site Request Forgery in all versions up... Moderate Unreviewed
CVE-2024-1360 was published Feb 23, 2024
IBM ApplinX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to... Moderate Unreviewed
CVE-2024-49794 was published Feb 6, 2025
IBM ApplinX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to... Moderate Unreviewed
CVE-2024-49795 was published Feb 6, 2025
The Custom Twitter Feeds – A Tweets Widget or X Feed Widget plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-0379 was published Feb 29, 2024
IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 is vulnerable to cross... Moderate Unreviewed
CVE-2024-35138 was published Feb 4, 2025
The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for... Moderate Unreviewed
CVE-2024-1760 was published Mar 6, 2024
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle... Moderate Unreviewed
CVE-2025-21526 was published Jan 21, 2025
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle... Moderate Unreviewed
CVE-2025-21528 was published Jan 21, 2025
The DSGVO All in one for WP plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed
CVE-2024-13356 was published Feb 4, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database