Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,466
Erlang
33
GitHub Actions
23
Go
2,166
Maven
5,000+
npm
3,830
NuGet
696
pip
3,507
Pub
12
RubyGems
909
Rust
904
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

6,246 advisories

Loading
Cross-Site Request Forgery (CSRF) vulnerability in Recapture Cart Recovery and Email Marketing... Moderate Unreviewed
CVE-2025-26899 was published Mar 16, 2025
The Tripetto plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up... Moderate Unreviewed
CVE-2025-1530 was published Mar 15, 2025
The LoginPress | wp-login Custom Login Page Customizer plugin for WordPress is vulnerable to... High Unreviewed
CVE-2025-1764 was published Mar 14, 2025
The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to Cross... High Unreviewed
CVE-2024-13913 was published Mar 14, 2025
Cross-Site Request Forgery (CSRF) vulnerability in BCS Website Solutions Insert Code allows... High Unreviewed
CVE-2025-28932 was published Mar 11, 2025
Cross-Site Request Forgery (CSRF) vulnerability in ohtan Spam Byebye allows Cross Site Request... Moderate Unreviewed
CVE-2025-28941 was published Mar 11, 2025
Cross-Site Request Forgery (CSRF) vulnerability in arkapravamajumder Back To Top allows Cross... Moderate Unreviewed
CVE-2025-28940 was published Mar 11, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Ravinder Khurana WP Hide Admin Bar allows... Moderate Unreviewed
CVE-2025-28910 was published Mar 11, 2025
Cross-Site Request Forgery (CSRF) vulnerability in edwardw WP No-Bot Question allows Cross Site... Moderate Unreviewed
CVE-2025-28909 was published Mar 11, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Aftab Ali Muni WP Add Active Class To Menu... Moderate Unreviewed
CVE-2025-28913 was published Mar 11, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Terence D. Go To Top allows Stored XSS. This... High Unreviewed
CVE-2025-28922 was published Mar 11, 2025
Cross-Site Request Forgery (CSRF) vulnerability in philippe No Disposable Email allows Stored XSS... High Unreviewed
CVE-2025-28923 was published Mar 11, 2025
Cross-Site Request Forgery (CSRF) vulnerability in maxfoundry MaxA/B allows Stored XSS. This... High Unreviewed
CVE-2025-28933 was published Mar 11, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Muntasir Rahman Custom Dashboard Page allows... Moderate Unreviewed
CVE-2025-28912 was published Mar 11, 2025
Cross-Site Request Forgery (CSRF) vulnerability in A. Chappard Display Template Name allows Cross... Moderate Unreviewed
CVE-2025-28927 was published Mar 11, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Hieu Nguyen WATI Chat and Notification allows... High Unreviewed
CVE-2025-28925 was published Mar 11, 2025
Cross-Site Request Forgery (CSRF) vulnerability in DevriX Hashtags allows Stored XSS. This issue... High Unreviewed
CVE-2025-28931 was published Mar 11, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Martin WP Compare Tables allows Stored XSS.... High Unreviewed
CVE-2025-28883 was published Mar 11, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Skrill_Team Skrill Official allows Cross Site... Moderate Unreviewed
CVE-2025-28876 was published Mar 11, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Rajesh Kumar WP Bulk Post Duplicator allows... Moderate Unreviewed
CVE-2025-28884 was published Mar 11, 2025
Cross-Site Request Forgery (CSRF) vulnerability in mg12 Mobile Themes allows Cross Site Request... Moderate Unreviewed
CVE-2025-28881 was published Mar 11, 2025
Cross-Site Request Forgery (CSRF) vulnerability in frucomerci List of Posts from each Category... High Unreviewed
CVE-2025-28894 was published Mar 11, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Fastmover Plugins Last Updated Column allows... Moderate Unreviewed
CVE-2025-28887 was published Mar 11, 2025
Cross-Site Request Forgery (CSRF) vulnerability in jazzigor price-calc allows Stored XSS. This... High Unreviewed
CVE-2025-28891 was published Mar 11, 2025
Cross-Site Request Forgery (CSRF) vulnerability in a2rocklobster FTP Sync allows Stored XSS. This... High Unreviewed
CVE-2025-28892 was published Mar 11, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database