GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 31,212
Composer 5,909
Erlang 70
GitHub Actions 52
Go 3,948
Maven 6,604
npm 6,342
NuGet 969
pip 5,225
Pub 13
RubyGems 1,062
Rust 1,383
Swift 56

Unreviewed advisories

All unreviewed 305,454

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

838 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Enter Addons – Ultimate Template Builder for Elementor plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-10868 was published Nov 23, 2024

The Easy Twitter Feed – Twitter feeds plugin for WP plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-10666 was published Nov 22, 2024

The Directorist plugin for WordPress is vulnerable to an Insecure Direct Object Reference in... Moderate Unreviewed

CVE-2023-1889 was published Jun 9, 2023

The Quick Restaurant Menu plugin for WordPress is vulnerable to Insecure Direct Object Reference... Moderate Unreviewed

CVE-2023-0550 was published Jan 27, 2023

The Starbox – the Author Box for Humans plugin for WordPress is vulnerable to Insecure Direct... Moderate Unreviewed

CVE-2024-0366 was published Feb 6, 2024

The Contact Form 7 – Dynamic Text Extension plugin for WordPress is vulnerable to Insecure Direct... Moderate Unreviewed

CVE-2023-6630 was published Jan 11, 2024

The TeraWallet plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions... Moderate Unreviewed

CVE-2022-3995 was published Nov 29, 2022

The PeproDev Ultimate Invoice plugin for WordPress is vulnerable to Insecure Direct Object... Moderate Unreviewed

CVE-2024-13719 was published Feb 19, 2025

The Unlimited Theme Addon For Elementor and WooCommerce plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-12116 was published Jan 11, 2025

The UltraAddons – Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget,... Moderate Unreviewed

CVE-2024-10696 was published Feb 5, 2025

The User Meta – User Profile Builder and User management plugin plugin for WordPress is... Moderate Unreviewed

CVE-2024-9262 was published Nov 9, 2024

The BuddyPress Builder for Elementor – BuddyBuilder plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-10778 was published Nov 13, 2024

The Replace Image plugin for WordPress is vulnerable to Insecure Direct Object Reference in all... Moderate Unreviewed

CVE-2024-4873 was published Jun 19, 2024

The Campay Woocommerce Payment Gateway plugin for WordPress is vulnerable to Unauthenticated... Moderate Unreviewed

CVE-2025-12883 was published Dec 12, 2025

The Admin and Customer Messages After Order for WooCommerce: OrderConvo plugin for WordPress is... Moderate Unreviewed

CVE-2025-13389 was published Nov 25, 2025

The Admin and Customer Messages After Order for WooCommerce: OrderConvo plugin for WordPress is... Moderate Unreviewed

CVE-2025-13452 was published Nov 25, 2025

The Wishlist for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object... Moderate Unreviewed

CVE-2025-12040 was published Nov 25, 2025

The Ultra Addons Lite for Elementor plugin for WordPress is vulnerable to Information Exposure in... Moderate Unreviewed

CVE-2024-13832 was published Feb 28, 2025

The FeedWordPress plugin for WordPress is vulnerable to Insecure Direct Object Reference in all... Moderate Unreviewed

CVE-2024-0839 was published Mar 13, 2024

The Display custom fields in the frontend – Post and User Profile Fields plugin for WordPress is... Moderate Unreviewed

CVE-2023-6983 was published Feb 6, 2024

The Essential Real Estate plugin for WordPress is vulnerable to unauthorized loss of data due to... Moderate Unreviewed

CVE-2024-4274 was published Jun 4, 2024

The SP Project & Document Manager plugin for WordPress is vulnerable to unauthorized modification... Moderate Unreviewed

CVE-2024-1693 was published May 14, 2024

The Jeg Elementor Kit plugin for WordPress is vulnerable to authorization bypass in various AJAX... Moderate Unreviewed

CVE-2022-3794 was published Dec 22, 2022

The Permalink Manager Lite plugin for WordPress is vulnerable to unauthorized access of data due... Moderate Unreviewed

CVE-2024-2543 was published Apr 9, 2024

The Event Tickets and Registration plugin for WordPress is vulnerable to Sensitive Information... Moderate Unreviewed

CVE-2024-2261 was published Apr 9, 2024

Previous 1…5…34 Next

Previous 1 2 3 4 5 6 7 … 33 34 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

838 advisories