GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,730
Composer 5,030
Erlang 39
GitHub Actions 38
Go 2,670
Maven 6,116
npm 4,296
NuGet 760
pip 4,075
Pub 12
RubyGems 957
Rust 1,058
Swift 45

Unreviewed advisories

All unreviewed 277,898

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

277,898 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Missing Authorization vulnerability in Stiofan UsersWP userswp allows Exploiting Incorrectly... Moderate Unreviewed

CVE-2025-66072 was published Nov 21, 2025

Missing Authorization vulnerability in tychesoftwares Custom Order Numbers for WooCommerce custom... Moderate Unreviewed

CVE-2025-66071 was published Nov 21, 2025

Missing Authorization vulnerability in Jegstudio Gutenverse Form gutenverse-form allows... Moderate Unreviewed

CVE-2025-66079 was published Nov 21, 2025

Missing Authorization vulnerability in wpWax Legal Pages legal-pages allows Exploiting... Moderate Unreviewed

CVE-2025-66077 was published Nov 21, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-66066 was published Nov 21, 2025

Missing Authorization vulnerability in Jegstudio Gutenverse gutenverse allows Exploiting... Moderate Unreviewed

CVE-2025-66065 was published Nov 21, 2025

Deserialization of Untrusted Data vulnerability in Cozmoslabs WP Webhooks wp-webhooks allows... Moderate Unreviewed

CVE-2025-66073 was published Nov 21, 2025

The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2025-10054 was published Nov 21, 2025

The FluentCRM – Email Newsletter, Automation, Email Marketing, Email Campaigns, Optins, Leads,... Moderate Unreviewed

CVE-2025-12935 was published Nov 21, 2025

The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2025-10039 was published Nov 21, 2025

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix memory leak of... Unknown Unreviewed

CVE-2025-40209 was published Nov 21, 2025

In the Linux kernel, the following vulnerability has been resolved: Revert "NFSD: Remove the cap... Unknown Unreviewed

CVE-2025-40210 was published Nov 21, 2025

In the Linux kernel, the following vulnerability has been resolved: ACPI: video: Fix use-after... Unknown Unreviewed

CVE-2025-40211 was published Nov 21, 2025

The Simple User Registration plugin for WordPress is vulnerable to Stored Cross-Site Scripting... High Unreviewed

CVE-2025-12160 was published Nov 21, 2025

The WP Delete Post Copies plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2025-12066 was published Nov 21, 2025

The WP Directory Kit plugin for WordPress is vulnerable to SQL Injection via the 'columns_search'... High Unreviewed

CVE-2025-13138 was published Nov 21, 2025

The Magical Products Display plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2025-12964 was published Nov 21, 2025

The Groundhogg — CRM, Newsletters, and Marketing Automation plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2025-12750 was published Nov 21, 2025

The Vitepos – Point of Sale (POS) for WooCommerce plugin for WordPress is vulnerable to arbitrary... High Unreviewed

CVE-2025-13156 was published Nov 21, 2025

The Schedule Post Changes With PublishPress Future: Unpublish, Delete, Change Status, Trash,... Moderate Unreviewed

CVE-2025-13149 was published Nov 21, 2025

The Flo Forms – Easy Drag & Drop Form Builder plugin for WordPress is vulnerable to Stored Cross... High Unreviewed

CVE-2025-13159 was published Nov 21, 2025

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed

CVE-2025-13141 was published Nov 21, 2025

The WP AUDIO GALLERY plugin for WordPress is vulnerable to arbitrary file deletion due to... High Unreviewed

CVE-2025-13322 was published Nov 21, 2025

The Shortcode for Google Street View plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2025-11808 was published Nov 21, 2025

The BigBuy Dropshipping Connector for WooCommerce plugin for WordPress is vulnerable to IP... Moderate Unreviewed

CVE-2025-12039 was published Nov 21, 2025

Previous 1…4…400 Next

Previous 1 2 3 4 5 6 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

277,898 advisories