GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,730
Composer 5,030
Erlang 39
GitHub Actions 38
Go 2,670
Maven 6,116
npm 4,296
NuGet 760
pip 4,075
Pub 12
RubyGems 957
Rust 1,058
Swift 45

Unreviewed advisories

All unreviewed 277,912

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

143,599 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Import WP – Export and Import CSV and XML files to WordPress plugin for WordPress is... Moderate Unreviewed

CVE-2025-12894 was published Nov 21, 2025

The Return Refund and Exchange For WooCommerce plugin for WordPress is vulnerable to Insecure... Moderate Unreviewed

CVE-2025-12881 was published Nov 21, 2025

The HotelRunner Booking Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2025-13135 was published Nov 21, 2025

The Custom Post Type plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2025-13142 was published Nov 21, 2025

The AuthorSure plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... Moderate Unreviewed

CVE-2025-13134 was published Nov 21, 2025

The Tips Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tip... Moderate Unreviewed

CVE-2025-11767 was published Nov 21, 2025

The BrightTALK WordPress Shortcode plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2025-11770 was published Nov 21, 2025

The Islamic Phrases plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-11768 was published Nov 21, 2025

The AudioTube plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'caption'... Moderate Unreviewed

CVE-2025-11801 was published Nov 21, 2025

The Affiliate AI Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-11799 was published Nov 21, 2025

The Cryptocurrency (Token), Launchpad (Presale), ICO & IDO, Airdrop by TokenICO plugin for... Moderate Unreviewed

CVE-2025-11773 was published Nov 21, 2025

The Surbma | MiniCRM Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2025-11800 was published Nov 21, 2025

The Bulma Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-11802 was published Nov 21, 2025

The EchBay Admin Security plugin for WordPress is vulnerable to Reflected Cross-Site Scripting... Moderate Unreviewed

CVE-2025-11885 was published Nov 21, 2025

The Checkbox plugin for WordPress is vulnerable to unauthorized loss of data due to a missing... Moderate Unreviewed

CVE-2025-12170 was published Nov 21, 2025

The Tainacan plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'search... Moderate Unreviewed

CVE-2025-12746 was published Nov 21, 2025

The UiPress lite | Effortless custom dashboards, admin themes and pages plugin for WordPress is... Moderate Unreviewed

CVE-2025-11003 was published Nov 21, 2025

The UiPress lite plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed

CVE-2025-10938 was published Nov 21, 2025

The Shortcodes Bootstrap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2025-11764 was published Nov 21, 2025

The Display Pages Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2025-11763 was published Nov 21, 2025

The Stock Tools plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-11765 was published Nov 21, 2025

The installation directory of LogStare Collector is configured with incorrect access permissions.... Moderate Unreviewed

CVE-2025-58097 was published Nov 21, 2025

LogStare Collector contains a stored cross-site scripting vulnerability in UserManagement. If... Moderate Unreviewed

CVE-2025-61949 was published Nov 21, 2025

Cross-site request forgery vulnerability exists in LogStare Collector. If a user views a crafted... Moderate Unreviewed

CVE-2025-62687 was published Nov 21, 2025

LogStare Collector contains an incorrect authorization vulnerability in UserRegistration. If... Moderate Unreviewed

CVE-2025-62189 was published Nov 21, 2025

Previous 1…4…400 Next

Previous 1 2 3 4 5 6 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

143,599 advisories