GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,600
Composer 5,005
Erlang 39
GitHub Actions 38
Go 2,635
Maven 6,103
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,454

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

301,054 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Gallery Plugin for WordPress – Envira Photo Gallery plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2025-11448 was published Nov 8, 2025

The Academy LMS – WordPress LMS Plugin for Complete eLearning Solution plugin for WordPress is... High Unreviewed

CVE-2025-12099 was published Nov 8, 2025

The Academy LMS – WordPress LMS Plugin for Complete eLearning Solution plugin for WordPress is... Moderate Unreviewed

CVE-2025-12098 was published Nov 8, 2025

The EventPrime – Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2025-12498 was published Nov 8, 2025

The Flexible Refund and Return Order for WooCommerce plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2025-12621 was published Nov 8, 2025

The Ovatheme Events Manager plugin for WordPress is vulnerable to unauthorized access due to a... Moderate Unreviewed

CVE-2025-7663 was published Nov 8, 2025

The Better Find and Replace – AI-Powered Suggestions plugin for WordPress is vulnerable to... High Unreviewed

CVE-2025-9334 was published Nov 8, 2025

The Groups plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions... Moderate Unreviewed

CVE-2025-11748 was published Nov 8, 2025

The Course Booking System plugin for WordPress is vulnerable to unauthorized access of data due... Moderate Unreviewed

CVE-2025-12042 was published Nov 8, 2025

The WPFunnels plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient... Moderate Unreviewed

CVE-2025-12000 was published Nov 8, 2025

The WP2Social Auto Publish plugin for WordPress is vulnerable to Reflected Cross-Site Scripting... Moderate Unreviewed

CVE-2025-12064 was published Nov 8, 2025

The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress is... Moderate Unreviewed

CVE-2025-11972 was published Nov 8, 2025

The Download Manager plugin for WordPress is vulnerable to unauthorized access due to a hardcoded... Moderate Unreviewed

CVE-2025-12177 was published Nov 8, 2025

The Insert Headers and Footers Code – HT Script plugin for WordPress is vulnerable to Stored... Moderate Unreviewed

CVE-2025-12112 was published Nov 8, 2025

The HTML Forms – Simple WordPress Forms Plugin plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed

CVE-2025-12125 was published Nov 8, 2025

The Contact Form 7 AWeber Extension plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed

CVE-2025-12167 was published Nov 8, 2025

The Smart Auto Upload Images plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed

CVE-2025-12161 was published Nov 8, 2025

The Mang Board WP plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-12193 was published Nov 8, 2025

The WPFunnels – The Easiest Funnel Builder For WordPress And WooCommerce To Collect Leads And... Moderate Unreviewed

CVE-2025-12353 was published Nov 8, 2025

The Simple Downloads List plugin for WordPress is vulnerable to unauthorized modification of data... Moderate Unreviewed

CVE-2025-12583 was published Nov 8, 2025

The Asgaros Forum plugin for WordPress is vulnerable to SQL Injection via the '$_COOKIE[... High Unreviewed

CVE-2025-11452 was published Nov 8, 2025

Inappropriate implementation in Permissions in Google Chrome prior to 140.0.7339.80 allowed a... Moderate Unreviewed

CVE-2025-12911 was published Nov 8, 2025

Improper Authorization in Elastic Cloud Enterprise can lead to Privilege Escalation where the... High Unreviewed

CVE-2025-37736 was published Nov 8, 2025

Insufficient validation of untrusted input in Devtools in Google Chrome prior to 140.0.7339.80... High Unreviewed

CVE-2025-12907 was published Nov 8, 2025

Inappropriate implementation in Permissions in Google Chrome prior to 140.0.7339.80 allowed a... Moderate Unreviewed

CVE-2025-12906 was published Nov 8, 2025

Previous 1…4…400 Next

Previous 1 2 3 4 5 6 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

301,054 advisories