Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,803
Erlang
36
GitHub Actions
29
Go
2,387
Maven
5,000+
npm
4,017
NuGet
720
pip
3,811
Pub
12
RubyGems
930
Rust
988
Swift
38
Unreviewed advisories
All unreviewed
5,000+

7,811 advisories

Loading
The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Cross-Site... Moderate Unreviewed
CVE-2025-7369 was published Jul 21, 2025
A vulnerability, which was classified as problematic, was found in PHPGurukul Complaint... Moderate Unreviewed
CVE-2025-7834 was published Jul 19, 2025
The Avishi WP PayPal Payment Button plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed
CVE-2025-7669 was published Jul 19, 2025
StudentManage v1.0 was discovered to contain Cross-Site Request Forgery (CSRF). Moderate Unreviewed
CVE-2025-50586 was published Jul 18, 2025
The Copymatic – AI Content Writer & Generator plugin for WordPress is vulnerable to Cross-Site... Moderate Unreviewed
CVE-2025-6781 was published Jul 18, 2025
The Zuppler Online Ordering plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed
CVE-2025-6053 was published Jul 18, 2025
A vulnerability classified as problematic has been found in code-projects E-Commerce Site 1.0.... Moderate Unreviewed
CVE-2025-7756 was published Jul 17, 2025
Cross-Site Request Forgery (CSRF) vulnerability in xfinitysoft WP Post Hide allows Cross Site... Moderate Unreviewed
CVE-2025-54042 was published Jul 16, 2025
Cross-Site Request Forgery (CSRF) vulnerability in WP Swings Wallet System for WooCommerce allows... Moderate Unreviewed
CVE-2025-54041 was published Jul 16, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Erik AntiSpam for Contact Form 7 allows Cross... Moderate Unreviewed
CVE-2025-54020 was published Jul 16, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Elliot Sowersby / RelyWP Coupon Affiliates... Moderate Unreviewed
CVE-2025-54022 was published Jul 16, 2025
Cross-Site Request Forgery (CSRF) vulnerability in GSheetConnector by WesternDeal WooCommerce... Moderate Unreviewed
CVE-2025-54030 was published Jul 16, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Webba Appointment Booking Webba Booking allows... Moderate Unreviewed
CVE-2025-54036 was published Jul 16, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Software Newsletters allows Cross... Moderate Unreviewed
CVE-2025-54035 was published Jul 16, 2025
Cross-Site Request Forgery (CSRF) vulnerability in BlocksWP Theme Builder For Elementor allows... Moderate Unreviewed
CVE-2025-54033 was published Jul 16, 2025
Cross-Site Request Forgery (CSRF) vulnerability in jetmonsters Restaurant Menu by MotoPress... Moderate Unreviewed
CVE-2025-54038 was published Jul 16, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Toast Plugins Animator allows Cross Site... Moderate Unreviewed
CVE-2025-54039 was published Jul 16, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Shahjahan Jewel FluentSnippets allows Cross... Critical Unreviewed
CVE-2025-54010 was published Jul 16, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Atakan Au Import CDN-Remote Images allows... High Unreviewed
CVE-2025-48153 was published Jul 16, 2025
Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component:... Moderate Unreviewed
CVE-2025-50090 was published Jul 15, 2025
Vulnerability in Oracle REST Data Services (component: General). The supported version that is... Moderate Unreviewed
CVE-2025-30756 was published Jul 15, 2025
Vulnerability in the Oracle MES for Process Manufacturing product of Oracle E-Business Suite ... Moderate Unreviewed
CVE-2025-30745 was published Jul 15, 2025
The Restrict File Access plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... High Unreviewed
CVE-2025-7667 was published Jul 15, 2025
Cross-site scripting in certain Zoom Clients before version 6.4.5 may allow an authenticated... Low Unreviewed
CVE-2025-49462 was published Jul 10, 2025
A security bypass vulnerability allows exploitation via Reverse Tabnabbing, a type of phishing... Moderate Unreviewed
CVE-2025-7379 was published Jul 9, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database