GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,339
Composer 4,652
Erlang 34
GitHub Actions 26
Go 2,253
Maven 5,510
npm 3,906
NuGet 704
pip 3,678
Pub 12
RubyGems 915
Rust 943
Swift 38

Unreviewed advisories

All unreviewed 253,095

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

253,095 advisories

Filter by severity

Sort by

Least recently updated

The FuseDesk plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-3832 was published Apr 24, 2025

The Buddypress Force Password Change plugin for WordPress is vulnerable to authenticated account... Moderate Unreviewed

CVE-2025-3793 was published Apr 24, 2025

The Flynax Bridge plugin for WordPress is vulnerable to privilege escalation via account takeover... Critical Unreviewed

CVE-2025-3604 was published Apr 24, 2025

The Xelion Webchat plugin for WordPress is vulnerable to unauthorized modification of data that... High Unreviewed

CVE-2025-3058 was published Apr 24, 2025

An issue has been discovered in GitLab EE/CE that could allow an attacker to track users'... High Unreviewed

CVE-2025-1908 was published Apr 24, 2025

The Woocommerce Automatic Order Printing | ( Formerly WooCommerce Google Cloud Print) plugin for... Moderate Unreviewed

CVE-2025-1284 was published Apr 24, 2025

The ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes plugin for WordPress is... Moderate Unreviewed

CVE-2025-3280 was published Apr 24, 2025

The Database Toolset plugin is vulnerable to arbitrary file deletion due to insufficient file... Critical Unreviewed

CVE-2025-3065 was published Apr 24, 2025

The Lottie Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via File... Moderate Unreviewed

CVE-2025-2579 was published Apr 24, 2025

The WPMasterToolKit (WPMTK) – All in one plugin plugin for WordPress is vulnerable to Directory... High Unreviewed

CVE-2025-3300 was published Apr 24, 2025

The Reales WP - Real Estate WordPress Theme theme for WordPress is vulnerable to unauthorized... Moderate Unreviewed

CVE-2024-13307 was published Apr 24, 2025

The Frontend Login and Registration Blocks plugin for WordPress is vulnerable to privilege... High Unreviewed

CVE-2025-3607 was published Apr 24, 2025

The Advanced Accordion Gutenberg Block plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2025-2543 was published Apr 24, 2025

The Configurator Theme Core plugin for WordPress is vulnerable to privilege escalation in all... High Unreviewed

CVE-2025-3101 was published Apr 24, 2025

The Verification SMS with TargetSMS plugin for WordPress is vulnerable to limited Remote Code... High Unreviewed

CVE-2025-3776 was published Apr 24, 2025

The Flynax Bridge plugin for WordPress is vulnerable to privilege escalation via account takeover... Critical Unreviewed

CVE-2025-3603 was published Apr 24, 2025

Use of hard-coded cryptographic key vulnerability in i-PRO Configuration Tool affects the network... Moderate Unreviewed

CVE-2025-32730 was published Apr 24, 2025

Mattermost versions 10.4.x <= 10.4.2, 10.5.x <= 10.5.0, 9.11.x <= 9.11.10 fail to validate the... Moderate Unreviewed

CVE-2025-35965 was published Apr 24, 2025

Mattermost versions 10.4.x <= 10.4.2, 10.5.x <= 10.5.0, 9.11.x <= 9.11.10 fail to properly... Low Unreviewed

CVE-2025-41423 was published Apr 24, 2025

An issue has been discovered affecting service availability via issue preview in GitLab CE/EE... Moderate Unreviewed

CVE-2025-0639 was published Apr 24, 2025

Mattermost versions 10.4.x <= 10.4.2, 10.5.x <= 10.5.0, 9.11.x <= 9.11.10 fail to properly... Moderate Unreviewed

CVE-2025-41395 was published Apr 24, 2025

An issue has been discovered in access controls could allow users to view certain restricted... Moderate Unreviewed

CVE-2024-12244 was published Apr 24, 2025

The My Tickets – Accessible Event Ticketing plugin for WordPress is vulnerable to Privilege... High Unreviewed

CVE-2025-3761 was published Apr 24, 2025

The Mang Board WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2025-3435 was published Apr 24, 2025

The Category Posts Widget WordPress plugin before 4.9.20 does not sanitise and escape some of its... Unknown Unreviewed

CVE-2025-1453 was published Apr 24, 2025

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

253,095 advisories