GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,750
Maven: 5,000+
npm: 4,353
NuGet: 765
pip: 4,114
Pub: 12
RubyGems: 960
Rust: 1,069
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
305,630 advisories
The WP Directory Kit plugin for WordPress is vulnerable to SQL Injection via the 'hide_fields'...
Severity: High | Unreviewed | CVE-2025-13089 was published Dec 13, 2025

The Employee Spotlight – Team Member Showcase & Meet the Team Plugin for WordPress is vulnerable...
Severity: Moderate | Unreviewed | CVE-2025-13403 was published Dec 13, 2025

The Custom Post Type UI plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Severity: Moderate | Unreviewed | CVE-2025-14056 was published Dec 13, 2025

The Gallery Blocks with Lightbox. Image Gallery, (HTML5 video , YouTube, Vimeo) Video Gallery and...
Severity: Moderate | Unreviewed | CVE-2025-14288 was published Dec 13, 2025

The HT Slider for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Severity: Moderate | Unreviewed | CVE-2025-14278 was published Dec 13, 2025

The Easy Theme Options plugin for WordPress is vulnerable to Missing Authorization in all...
Severity: Moderate | Unreviewed | CVE-2025-14367 was published Dec 13, 2025

The JAY Login & Register plugin for WordPress is vulnerable to authentication bypass in versions...
Severity: Critical | Unreviewed | CVE-2025-14440 was published Dec 13, 2025

The Popover Windows plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions...
Severity: Moderate | Unreviewed | CVE-2025-14394 was published Dec 13, 2025

The Quick Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Severity: Moderate | Unreviewed | CVE-2025-14378 was published Dec 13, 2025

The 404 Solution plugin for WordPress is vulnerable to SQL Injection in all versions up to, and...
Severity: Moderate | Unreviewed | CVE-2025-14477 was published Dec 13, 2025

The Image Slider by Ays- Responsive Slider and Carousel plugin for WordPress is vulnerable to...
Severity: Moderate | Unreviewed | CVE-2025-14454 was published Dec 13, 2025

The Popover Windows plugin for WordPress is vulnerable to unauthorized modification of data due...
Severity: Moderate | Unreviewed | CVE-2025-14395 was published Dec 13, 2025

The Popup Builder (Easy Notify Lite) plugin for WordPress is vulnerable to unauthorized...
Severity: Moderate | Unreviewed | CVE-2025-14446 was published Dec 13, 2025

The Extensive VC Addons for WPBakery page builder plugin for WordPress is vulnerable to Local...
Severity: High | Unreviewed | CVE-2025-14475 was published Dec 13, 2025

The Lucky Draw Contests plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
Severity: Moderate | Unreviewed | CVE-2025-14462 was published Dec 13, 2025

The Doubly – Cross Domain Copy Paste for WordPress plugin for WordPress is vulnerable to PHP...
Severity: High | Unreviewed | CVE-2025-14476 was published Dec 13, 2025

The Solutions Ad Manager plugin for WordPress is vulnerable to Open Redirect in all versions up...
Severity: Moderate | Unreviewed | CVE-2025-14451 was published Dec 13, 2025

The Userback plugin for WordPress is vulnerable to unauthorized access of data due to a missing...
Severity: Moderate | Unreviewed | CVE-2025-14540 was published Dec 13, 2025

A weakness has been identified in code-projects Prison Management System 2.0. This issue affects...
Severity: Moderate | Unreviewed | CVE-2025-14589 was published Dec 13, 2025

The Postem Ipsum plugin for WordPress is vulnerable to unauthorized modification of data to...
Severity: High | Unreviewed | CVE-2025-14397 was published Dec 13, 2025

The AnnunciFunebri Impresa plugin for WordPress is vulnerable to unauthorized modification of...
Severity: Moderate | Unreviewed | CVE-2025-14447 was published Dec 13, 2025

The Eyewear prescription form plugin for WordPress is vulnerable to Missing Authorization in all...
Severity: Moderate | Unreviewed | CVE-2025-14365 was published Dec 13, 2025

The Eyewear prescription form plugin for WordPress is vulnerable to Missing Authorization in all...
Severity: Moderate | Unreviewed | CVE-2025-14366 was published Dec 13, 2025

The vulnerability arises when a client fetches a tools’ JSON specification, known as a Manual,...
Severity: High | Unreviewed | CVE-2025-14542 was published Dec 13, 2025

A vulnerability was determined in TOTOLINK X5000R 9.1.0cu.2089_B20211224. Affected by this issue...
Severity: Moderate | Unreviewed | CVE-2025-14586 was published Dec 13, 2025
ProTip! Advisories are also available from the GraphQL API.