Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,750
Maven
5,000+
npm
4,353
NuGet
765
pip
4,114
Pub
12
RubyGems
960
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+

145,498 advisories

Loading
Cross-Site Request Forgery (CSRF) vulnerability in WP Swings Wallet System for WooCommerce allows... Moderate Unreviewed
CVE-2025-54041 was published Jul 16, 2025
Missing Authorization vulnerability in blazethemes News Kit Elementor Addons allows Exploiting... Moderate Unreviewed
CVE-2025-54037 was published Jul 16, 2025
Cross-Site Request Forgery (CSRF) vulnerability in xfinitysoft WP Post Hide allows Cross Site... Moderate Unreviewed
CVE-2025-54042 was published Jul 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-54050 was published Jul 16, 2025
Missing Authorization vulnerability in QuanticaLabs Cost Calculator allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2025-54047 was published Jul 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-54051 was published Jul 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-54006 was published Jul 16, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... Moderate Unreviewed
CVE-2025-54015 was published Jul 16, 2025
Missing Authorization vulnerability in CreativeMindsSolutions CM Pop-Up banners allows Exploiting... Moderate Unreviewed
CVE-2025-54018 was published Jul 16, 2025
Cross-Site Request Forgery (CSRF) vulnerability in BlocksWP Theme Builder For Elementor allows... Moderate Unreviewed
CVE-2025-54033 was published Jul 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-54016 was published Jul 16, 2025
Missing Authorization vulnerability in SMTP2GO SMTP2GO allows Exploiting Incorrectly Configured... Moderate Unreviewed
CVE-2025-54011 was published Jul 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-54023 was published Jul 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-54024 was published Jul 16, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Webba Appointment Booking Webba Booking allows... Moderate Unreviewed
CVE-2025-54036 was published Jul 16, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Software Newsletters allows Cross... Moderate Unreviewed
CVE-2025-54035 was published Jul 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-54013 was published Jul 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-54009 was published Jul 16, 2025
Cross-Site Request Forgery (CSRF) vulnerability in GSheetConnector by WesternDeal WooCommerce... Moderate Unreviewed
CVE-2025-54030 was published Jul 16, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Elliot Sowersby / RelyWP Coupon Affiliates... Moderate Unreviewed
CVE-2025-54022 was published Jul 16, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Erik AntiSpam for Contact Form 7 allows Cross... Moderate Unreviewed
CVE-2025-54020 was published Jul 16, 2025
Cross-Site Request Forgery (CSRF) vulnerability in jetmonsters Restaurant Menu by MotoPress... Moderate Unreviewed
CVE-2025-54038 was published Jul 16, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Toast Plugins Animator allows Cross Site... Moderate Unreviewed
CVE-2025-54039 was published Jul 16, 2025
Missing Authorization vulnerability in alexvtn Chatbox Manager allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2025-48167 was published Jul 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-48295 was published Jul 16, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database