GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,730
Composer 5,030
Erlang 39
GitHub Actions 38
Go 2,670
Maven 6,116
npm 4,296
NuGet 760
pip 4,075
Pub 12
RubyGems 957
Rust 1,058
Swift 45

Unreviewed advisories

All unreviewed 277,901

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

277,901 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The WP AUDIO GALLERY plugin for WordPress is vulnerable to arbitrary file deletion due to... High Unreviewed

CVE-2025-13322 was published Nov 21, 2025

The Shortcode for Google Street View plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2025-11808 was published Nov 21, 2025

The BigBuy Dropshipping Connector for WooCommerce plugin for WordPress is vulnerable to IP... Moderate Unreviewed

CVE-2025-12039 was published Nov 21, 2025

The 简数采集器 plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and... Moderate Unreviewed

CVE-2025-11973 was published Nov 21, 2025

The WP Company Info plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-11826 was published Nov 21, 2025

The WPSite Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-11803 was published Nov 21, 2025

The Padlet Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-12660 was published Nov 21, 2025

The Pollcaster Shortcode Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2025-12661 was published Nov 21, 2025

The Return Refund and Exchange For WooCommerce plugin for WordPress is vulnerable to Insecure... Moderate Unreviewed

CVE-2025-12086 was published Nov 21, 2025

The HotelRunner Booking Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2025-13135 was published Nov 21, 2025

The Custom Post Type plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2025-13142 was published Nov 21, 2025

The AuthorSure plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... Moderate Unreviewed

CVE-2025-13134 was published Nov 21, 2025

The Import WP – Export and Import CSV and XML files to WordPress plugin for WordPress is... Moderate Unreviewed

CVE-2025-12894 was published Nov 21, 2025

The Return Refund and Exchange For WooCommerce plugin for WordPress is vulnerable to Insecure... Moderate Unreviewed

CVE-2025-12881 was published Nov 21, 2025

The AudioTube plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'caption'... Moderate Unreviewed

CVE-2025-11801 was published Nov 21, 2025

The Surbma | MiniCRM Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2025-11800 was published Nov 21, 2025

The Tips Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tip... Moderate Unreviewed

CVE-2025-11767 was published Nov 21, 2025

The BrightTALK WordPress Shortcode plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2025-11770 was published Nov 21, 2025

The Islamic Phrases plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-11768 was published Nov 21, 2025

The Realty Portal plugin for WordPress is vulnerable to unauthorized modification of data that... High Unreviewed

CVE-2025-11985 was published Nov 21, 2025

The WPBookit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'css_code'... High Unreviewed

CVE-2025-12135 was published Nov 21, 2025

The Cryptocurrency (Token), Launchpad (Presale), ICO & IDO, Airdrop by TokenICO plugin for... Moderate Unreviewed

CVE-2025-11771 was published Nov 21, 2025

The UiPress lite | Effortless custom dashboards, admin themes and pages plugin for WordPress is... Moderate Unreviewed

CVE-2025-11815 was published Nov 21, 2025

The Affiliate AI Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-11799 was published Nov 21, 2025

The Cryptocurrency (Token), Launchpad (Presale), ICO & IDO, Airdrop by TokenICO plugin for... Moderate Unreviewed

CVE-2025-11773 was published Nov 21, 2025

Previous 1…5…400 Next

Previous 1 2 3 4 5 6 7 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

277,901 advisories