Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,908
Erlang
39
GitHub Actions
38
Go
2,568
Maven
5,000+
npm
4,240
NuGet
754
pip
4,004
Pub
12
RubyGems
953
Rust
1,042
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

129,479 advisories

Loading
The Kognetiks Chatbot plugin for WordPress is vulnerable to unauthorized modification of data due... Moderate Unreviewed
CVE-2025-11256 was published Oct 18, 2025
The PowerBI Embed Reports plugin for WordPress is vulnerable to Sensitive Information Disclosure... Moderate Unreviewed
CVE-2025-10750 was published Oct 18, 2025
The Redirection for Contact Form 7 plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2025-9562 was published Oct 18, 2025
The WPBakery Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2025-10006 was published Oct 18, 2025
The Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for... Moderate Unreviewed
CVE-2025-11270 was published Oct 18, 2025
The WPC Smart Quick View for WooCommerce plugin for WordPress is vulnerable to Information... Moderate Unreviewed
CVE-2025-11741 was published Oct 18, 2025
The Optimole – Optimize Images | Convert WebP & AVIF | CDN & Lazy Load | Image Optimization... Moderate Unreviewed
CVE-2025-11519 was published Oct 18, 2025
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to modification of data... Moderate Unreviewed
CVE-2025-11372 was published Oct 18, 2025
The FileBird – WordPress Media Library Folders & File Manager plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2025-11510 was published Oct 18, 2025
The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to Cache Poisoning in... Moderate Unreviewed
CVE-2025-11703 was published Oct 18, 2025
The GSpeech TTS – WordPress Text To Speech Plugin plugin for WordPress is vulnerable to SQL... Moderate Unreviewed
CVE-2025-10187 was published Oct 18, 2025
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2025-11937 was published Oct 18, 2025
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2025-62671 was published Oct 18, 2025
The ShortPixel Image Optimizer – Optimize Images, Convert WebP & AVIF plugin for WordPress is... Moderate Unreviewed
CVE-2025-11378 was published Oct 18, 2025
The Async JavaScript plugin for WordPress is vulnerable to Stored Cross-Site Scripting in... Moderate Unreviewed
CVE-2020-36854 was published Oct 18, 2025
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2025-62665 was published Oct 18, 2025
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2025-62662 was published Oct 18, 2025
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2025-62670 was published Oct 18, 2025
Allocation of Resources Without Limits or Throttling vulnerability in The Wikimedia Foundation... Moderate Unreviewed
CVE-2025-62666 was published Oct 18, 2025
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2025-62663 was published Oct 18, 2025
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in The Wikimedia... Moderate Unreviewed
CVE-2025-62669 was published Oct 18, 2025
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2025-62664 was published Oct 18, 2025
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed
CVE-2025-62667 was published Oct 18, 2025
The XX2WP Integration Tools plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2025-11857 was published Oct 18, 2025
Incorrect Default Permissions vulnerability in The Wikimedia Foundation Mediawiki -... Moderate Unreviewed
CVE-2025-62668 was published Oct 18, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database