GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,018
Composer 4,300
Erlang 31
GitHub Actions 21
Go 2,069
Maven 5,241
npm 3,744
NuGet 668
pip 3,429
Pub 12
RubyGems 892
Rust 880
Swift 36

Unreviewed advisories

All unreviewed 240,428

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,175 advisories

Filter by severity

Sort by

Least recently updated

Cross-Site Request Forgery (CSRF) vulnerability in Drupal Minify JS allows Cross Site Request... Moderate Unreviewed

CVE-2024-13304 was published Jan 9, 2025

The Action Network plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2024-12394 was published Jan 9, 2025

The AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3,... Moderate Unreviewed

CVE-2024-12605 was published Jan 9, 2025

The Woocommerce check pincode/zipcode for shipping plugin for WordPress is vulnerable to Cross... Moderate Unreviewed

CVE-2024-12218 was published Jan 9, 2025

The WordPress Header Builder Plugin – Pearl plugin for WordPress is vulnerable to Cross-Site... Moderate Unreviewed

CVE-2024-12206 was published Jan 9, 2025

A vulnerability was found in kurniaramadhan E-Commerce-PHP 1.0. It has been classified as... Moderate Unreviewed

CVE-2024-13203 was published Jan 9, 2025

The Envo's Elementor Templates & Widgets for WooCommerce plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-0767 was published Feb 28, 2024

The Envo's Elementor Templates & Widgets for WooCommerce plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-0768 was published Feb 28, 2024

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed

CVE-2024-0512 was published Feb 29, 2024

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed

CVE-2024-0513 was published Feb 29, 2024

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed

CVE-2024-0515 was published Feb 29, 2024

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed

CVE-2024-0514 was published Feb 29, 2024

The Yuki theme for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to,... Moderate Unreviewed

CVE-2024-1943 was published Feb 28, 2024

The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-2110 was published Mar 28, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Digital Zoom Studio Admin debug wordpress –... Moderate Unreviewed

CVE-2025-22503 was published Jan 7, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Faaiq Pretty Url allows Cross Site Request... Moderate Unreviewed

CVE-2025-22563 was published Jan 7, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Jason Funk Title Experiments Free allows Cross... Moderate Unreviewed

CVE-2025-22562 was published Jan 7, 2025

The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Cross-Site... Moderate Unreviewed

CVE-2023-6326 was published Mar 2, 2024

The Categorify plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... Moderate Unreviewed

CVE-2024-1906 was published Feb 27, 2024

The Categorify plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... Moderate Unreviewed

CVE-2024-1912 was published Feb 27, 2024

The Categorify plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... Moderate Unreviewed

CVE-2024-1909 was published Feb 27, 2024

The Categorify plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... Moderate Unreviewed

CVE-2024-1907 was published Feb 27, 2024

The Categorify plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... Moderate Unreviewed

CVE-2024-1910 was published Feb 27, 2024

Cross-Site Request Forgery (CSRF) vulnerability in AIpost AI WP Writer allows Cross Site Request... Moderate Unreviewed

CVE-2025-22297 was published Jan 7, 2025

Cross-Site Request Forgery (CSRF) vulnerability in PixelYourSite PixelYourSite – Your smart PIXEL... Moderate Unreviewed

CVE-2025-22300 was published Jan 7, 2025

Previous 1 2 3 4 5 … 126 127 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,175 advisories