GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 25,041
Composer 5,081
Erlang 40
GitHub Actions 38
Go 2,752
Maven 6,172
npm 4,357
NuGet 765
pip 4,121
Pub 12
RubyGems 961
Rust 1,069
Swift 45

Unreviewed advisories

All unreviewed 280,889

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

145,647 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The TWW Protein Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2025-13971 was published Dec 12, 2025

The Contact Form 7 with ChatWork plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2025-13975 was published Dec 12, 2025

The WatchTowerHQ plugin for WordPress is vulnerable to arbitrary file read via the ... Moderate Unreviewed

CVE-2025-13972 was published Dec 12, 2025

The DebateMaster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the color... Moderate Unreviewed

CVE-2025-14035 was published Dec 12, 2025

The URL Media Uploader plugin for WordPress is vulnerable to unauthorized safe file uploads due... Moderate Unreviewed

CVE-2025-14045 was published Dec 12, 2025

The Purchase and Expense Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery... Moderate Unreviewed

CVE-2025-13987 was published Dec 12, 2025

The FX Currency Converter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2025-13963 was published Dec 12, 2025

The BuddyTask plugin for WordPress is vulnerable to unauthorized access and modification of data... Moderate Unreviewed

CVE-2025-14064 was published Dec 12, 2025

The Divelogs Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2025-13962 was published Dec 12, 2025

The Animated Pixel Marquee Creator plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed

CVE-2025-14062 was published Dec 12, 2025

The App Landing Template Blocks for WPBakery (Visual Composer) Page Builder plugin for WordPress... Moderate Unreviewed

CVE-2025-14119 was published Dec 12, 2025

The Reviews Sorted plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-13969 was published Dec 12, 2025

The Data Visualizer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2025-13961 was published Dec 12, 2025

The GPXpress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ... Moderate Unreviewed

CVE-2025-13960 was published Dec 12, 2025

The WP Dropzone plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-13989 was published Dec 12, 2025

The SimplyConvert plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-14048 was published Dec 12, 2025

The Like DisLike Voting plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via... Moderate Unreviewed

CVE-2025-14129 was published Dec 12, 2025

The Simple AL Slider plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the... Moderate Unreviewed

CVE-2025-14137 was published Dec 12, 2025

The 评论小秘书 plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `$_SERVER[... Moderate Unreviewed

CVE-2025-13988 was published Dec 12, 2025

The Complag plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the `... Moderate Unreviewed

CVE-2025-14125 was published Dec 12, 2025

The Category Dropdown List plugin for WordPress is vulnerable to Reflected Cross-Site Scripting... Moderate Unreviewed

CVE-2025-14132 was published Dec 12, 2025

The WPLG Default Mail From plugin for WordPress is vulnerable to Reflected Cross-Site Scripting... Moderate Unreviewed

CVE-2025-14138 was published Dec 12, 2025

The Flow-Flow Social Feed Stream plugin for WordPress is vulnerable to unauthorized modification... Moderate Unreviewed

CVE-2025-13866 was published Dec 12, 2025

The VigLink SpotLight By ShortCode plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2025-13843 was published Dec 12, 2025

The Campay Woocommerce Payment Gateway plugin for WordPress is vulnerable to Unauthenticated... Moderate Unreviewed

CVE-2025-12883 was published Dec 12, 2025

Previous 1…12…400 Next

Previous 1 2 … 10 11 12 13 14 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

145,647 advisories