GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,216
Composer 4,894
Erlang 38
GitHub Actions 38
Go 2,556
Maven 6,025
npm 4,228
NuGet 747
pip 4,000
Pub 12
RubyGems 953
Rust 1,041
Swift 45

Unreviewed advisories

All unreviewed 273,599

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

129,271 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Zip Attachments plugin for WordPress is vulnerable to unauthorized loss of data due to a... Moderate Unreviewed

CVE-2025-11692 was published Oct 15, 2025

The URLYar URL Shortner plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2025-10133 was published Oct 15, 2025

The FunKItools plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... Moderate Unreviewed

CVE-2025-10301 was published Oct 15, 2025

The TopBar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to... Moderate Unreviewed

CVE-2025-10300 was published Oct 15, 2025

The Rich Snippet Site Report plugin for WordPress is vulnerable to SQL Injection via the 'last'... Moderate Unreviewed

CVE-2025-10310 was published Oct 15, 2025

The Shortcode Button plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2025-10194 was published Oct 15, 2025

The WP ViewSTL plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's... Moderate Unreviewed

CVE-2025-10135 was published Oct 15, 2025

The WP jQuery Pager plugin for WordPress is vulnerable to SQL Injection via the 'ids' shortcode... Moderate Unreviewed

CVE-2025-10575 was published Oct 15, 2025

The WhyDonate – FREE Donate button – Crowdfunding – Fundraising plugin for WordPress is... Moderate Unreviewed

CVE-2025-10186 was published Oct 15, 2025

The Library Management System plugin for WordPress is vulnerable to unauthorized modification of... Moderate Unreviewed

CVE-2025-10303 was published Oct 15, 2025

The Wp tabber widget plugin for WordPress is vulnerable to SQL Injection via the 'wp-tabber... Moderate Unreviewed

CVE-2025-10730 was published Oct 15, 2025

The TARIFFUXX plugin for WordPress is vulnerable to SQL Injection in versions up to, and... Moderate Unreviewed

CVE-2025-10682 was published Oct 15, 2025

The WP Dashboard Chat plugin for WordPress is vulnerable to SQL Injection via the ‘id’ parameter... Moderate Unreviewed

CVE-2025-10660 was published Oct 15, 2025

The Zip Attachments plugin for WordPress is vulnerable to unauthorized access of data due to a... Moderate Unreviewed

CVE-2025-11701 was published Oct 15, 2025

The WP Google Map Plugin plugin for WordPress is vulnerable to blind SQL Injection via the 'id'... Moderate Unreviewed

CVE-2025-11365 was published Oct 15, 2025

The YourMembership Single Sign On – YM SSO Login plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2025-10648 was published Oct 15, 2025

The Oceanpayment CreditCard Gateway plugin for WordPress is vulnerable to unauthenticated and... Moderate Unreviewed

CVE-2025-11728 was published Oct 15, 2025

The Task Scheduler plugin for WordPress is vulnerable to Server-Side Request Forgery in all... Moderate Unreviewed

CVE-2025-10056 was published Oct 15, 2025

The onOffice for WP-Websites plugin for WordPress is vulnerable to SQL Injection via the 'order'... Moderate Unreviewed

CVE-2025-10045 was published Oct 15, 2025

The Binary MLM Plan plugin for WordPress is vulnerable to limited Privilege Escalation in all... Moderate Unreviewed

CVE-2025-10038 was published Oct 15, 2025

The Content Writer plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed

CVE-2025-10486 was published Oct 15, 2025

The Quick Social Login plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2025-10140 was published Oct 15, 2025

The WP BookWidgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2025-10139 was published Oct 15, 2025

The Theme Importer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2025-10312 was published Oct 15, 2025

The Digiseller plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's... Moderate Unreviewed

CVE-2025-10141 was published Oct 15, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

129,271 advisories