GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,603
Composer 5,006
Erlang 39
GitHub Actions 38
Go 2,636
Maven 6,104
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,574

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

301,177 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The My Geo Posts Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-11863 was published Nov 11, 2025

The Crypto plugin for WordPress is vulnerable to Information exposure in all versions up to, and... Moderate Unreviewed

CVE-2025-11986 was published Nov 11, 2025

The Shelf Planner plugin for WordPress is vulnerable to unauthorized modification of data due to... Moderate Unreviewed

CVE-2025-11894 was published Nov 11, 2025

The Document Pro Elementor – Documentation & Knowledge Base plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2025-11997 was published Nov 11, 2025

The WP BBCode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ... Moderate Unreviewed

CVE-2025-11873 was published Nov 11, 2025

The Simple Donate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2025-11882 was published Nov 11, 2025

The Precise Columns plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-11869 was published Nov 11, 2025

The Slippy Slider – Responsive Touch Navigation Slider plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2025-11874 was published Nov 11, 2025

The Paypal Donation Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2025-11859 was published Nov 11, 2025

The CTL Arcade Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2025-11886 was published Nov 11, 2025

The Twitter Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-11860 was published Nov 11, 2025

The Find Unused Images plugin for WordPress is vulnerable to unauthorized loss of data due to a... Moderate Unreviewed

CVE-2025-11996 was published Nov 11, 2025

The Shelf Planner plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed

CVE-2025-11891 was published Nov 11, 2025

The WP Custom Admin Login Page Logo plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed

CVE-2025-12132 was published Nov 11, 2025

The Authors List plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed

CVE-2025-12010 was published Nov 11, 2025

The Add Multiple Marker plugin for WordPress is vulnerable to unauthorized modification of data... Moderate Unreviewed

CVE-2025-11999 was published Nov 11, 2025

The Double the Donation – A workplace giving tool to help your fundraising efforts plugin for... Moderate Unreviewed

CVE-2025-12020 was published Nov 11, 2025

The Fleet Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin... Moderate Unreviewed

CVE-2025-12538 was published Nov 11, 2025

The Private Google Calendars plugin for WordPress is vulnerable to unauthorized modification of... Moderate Unreviewed

CVE-2025-12526 was published Nov 11, 2025

The Crypto plugin for WordPress is vulnerable to unauthorized manipulation of data in all... Moderate Unreviewed

CVE-2025-11988 was published Nov 11, 2025

The WP-OAuth plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-12021 was published Nov 11, 2025

The Featured Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image... Moderate Unreviewed

CVE-2025-12019 was published Nov 11, 2025

The The Total Book Project plugin for WordPress is vulnerable to Insecure Direct Object Reference... Moderate Unreviewed

CVE-2025-12126 was published Nov 11, 2025

The Five9 Live Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-11829 was published Nov 11, 2025

The WP Bootstrap Tabs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-11822 was published Nov 11, 2025

Previous 12…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

301,177 advisories