GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 25,028
Composer 5,080
Erlang 39
GitHub Actions 38
Go 2,750
Maven 6,169
npm 4,353
NuGet 765
pip 4,114
Pub 12
RubyGems 960
Rust 1,069
Swift 45

Unreviewed advisories

All unreviewed 280,602

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

280,602 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The MediaCommander – Bring Folders to Media, Posts, and Pages plugin for WordPress is vulnerable... Moderate Unreviewed

CVE-2025-14508 was published Dec 13, 2025

The vulnerability arises when a client fetches a tools’ JSON specification, known as a Manual,... High Unreviewed

CVE-2025-14542 was published Dec 13, 2025

The HAPPY – Helpdesk Support Ticket System plugin for WordPress is vulnerable to authorization... Moderate Unreviewed

CVE-2025-14581 was published Dec 13, 2025

The The Shortcode Ajax plugin for WordPress is vulnerable to arbitrary shortcode execution in all... Moderate Unreviewed

CVE-2025-14539 was published Dec 13, 2025

A vulnerability was determined in TOTOLINK X5000R 9.1.0cu.2089_B20211224. Affected by this issue... Moderate Unreviewed

CVE-2025-14586 was published Dec 13, 2025

The WP to LinkedIn Auto Publish plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed

CVE-2025-12077 was published Dec 13, 2025

The Social Media Auto Publish plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed

CVE-2025-12076 was published Dec 13, 2025

The Header Footer Script Adder – Insert Code in Header, Body & Footer plugin for WordPress is... Moderate Unreviewed

CVE-2025-12109 was published Dec 13, 2025

The myCred – Points Management System For Gamification, Ranks, Badges, and Loyalty Program plugin... Moderate Unreviewed

CVE-2025-12362 was published Dec 13, 2025

The WP3D Model Import Viewer plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed

CVE-2025-13094 was published Dec 13, 2025

The Devs CRM – Manage tasks, attendance and teams all together plugin for WordPress is vulnerable... Moderate Unreviewed

CVE-2025-13093 was published Dec 13, 2025

The Devs CRM – Manage tasks, attendance and teams all together plugin for WordPress is vulnerable... Moderate Unreviewed

CVE-2025-13092 was published Dec 13, 2025

The WP Directory Kit plugin for WordPress is vulnerable to SQL Injection via the 'hide_fields'... High Unreviewed

CVE-2025-13089 was published Dec 13, 2025

The افزونه پیامک ووکامرس فوق حرفه ای (جدید) payamito sms woocommerce plugin for WordPress is... High Unreviewed

CVE-2025-13077 was published Dec 13, 2025

The Employee Spotlight – Team Member Showcase & Meet the Team Plugin for WordPress is vulnerable... Moderate Unreviewed

CVE-2025-13403 was published Dec 13, 2025

The Custom Frames plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-13705 was published Dec 13, 2025

The Custom Post Type UI plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2025-14056 was published Dec 13, 2025

The GenerateBlocks plugin for WordPress is vulnerable to information exposure due to missing... Moderate Unreviewed

CVE-2025-12512 was published Dec 13, 2025

The Design Import/Export plugin for WordPress is vulnerable to SQL Injection via XML File Import... Moderate Unreviewed

CVE-2025-14050 was published Dec 13, 2025

The Gallery Blocks with Lightbox. Image Gallery, (HTML5 video , YouTube, Vimeo) Video Gallery and... Moderate Unreviewed

CVE-2025-14288 was published Dec 13, 2025

The HT Slider for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2025-14278 was published Dec 13, 2025

The Eyewear prescription form plugin for WordPress is vulnerable to Missing Authorization in all... Moderate Unreviewed

CVE-2025-14365 was published Dec 13, 2025

The Brizy – Page Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in... Moderate Unreviewed

CVE-2025-0969 was published Dec 13, 2025

The Filter & Grids plugin for WordPress is vulnerable to SQL Injection via the 'phrase' parameter... Moderate Unreviewed

CVE-2025-10289 was published Dec 13, 2025

The URL Shortener Plugin For WordPress plugin for WordPress is vulnerable to SQL Injection via... Critical Unreviewed

CVE-2025-10738 was published Dec 13, 2025

Previous 1…4…400 Next

Previous 1 2 3 4 5 6 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

280,602 advisories