Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,885
Erlang
37
GitHub Actions
38
Go
2,546
Maven
5,000+
npm
4,212
NuGet
744
pip
3,988
Pub
12
RubyGems
950
Rust
1,038
Swift
45
Unreviewed advisories
All unreviewed
5,000+

32,646 advisories

Loading
The Contest Gallery – Upload, Vote & Sell with PayPal and Stripe plugin for WordPress is... Moderate Unreviewed
CVE-2025-10383 was published Oct 4, 2025
The Trinity Audio – Text to Speech AI audio player to convert content into audio plugin for... Moderate Unreviewed
CVE-2025-9952 was published Oct 4, 2025
The WP Photo Album Plus plugin for WordPress is vulnerable to Cross-Site Scripting in all... Moderate Unreviewed
CVE-2025-8726 was published Oct 4, 2025
The Majestic Before After Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed
CVE-2025-9030 was published Oct 4, 2025
Flowise Stored XSS vulnerability through logs in chatbot Moderate
GHSA-7r4h-vmj9-wg42 was published for flowise (npm) Oct 3, 2025
LIFE-team2024
Credited to LIFE-team2024
Flowise vulnerable to XSS Moderate
GHSA-4fr9-3x69-36wv was published for flowise (npm) Oct 3, 2025
quitbug
Credited to quitbug
NiceGUI has a Reflected XSS Moderate
CVE-2025-53354 was published for nicegui (pip) Oct 3, 2025
oxqnd
Credited to oxqnd
nopCommerce 4.40.3 is vulnerable to XSS in the Product Name at /Admin/Product/Edit/[id]. Each... Moderate Unreviewed
CVE-2021-42193 was published Oct 3, 2025
A stored Cross-Site Scripting (XSS) vulnerability has been discovered in MetInfo CMS version 8.0.... Moderate Unreviewed
CVE-2025-60452 was published Oct 3, 2025
A stored Cross-Site Scripting (XSS) vulnerability has been discovered in MetInfo CMS version 8.0.... Moderate Unreviewed
CVE-2025-60451 was published Oct 3, 2025
A stored Cross-Site Scripting (XSS) vulnerability has been discovered in MetInfo CMS version 8.0.... Moderate Unreviewed
CVE-2025-60453 was published Oct 3, 2025
A stored Cross-Site Scripting (XSS) vulnerability has been discovered in MetInfo CMS version 8.0.... Moderate Unreviewed
CVE-2025-60454 was published Oct 3, 2025
A stored Cross-Site Scripting (XSS) vulnerability has been discovered in Emlog Pro 2.5.19. The... Moderate Unreviewed
CVE-2025-60448 was published Oct 3, 2025
A stored Cross-Site Scripting (XSS) vulnerability has been discovered in Emlog Pro 2.5.19. The... Moderate Unreviewed
CVE-2025-60447 was published Oct 3, 2025
A stored Cross-Site Scripting (XSS) vulnerability has been discovered in XunRuiCMS version 4.7.1.... Moderate Unreviewed
CVE-2025-60445 was published Oct 3, 2025
A stored Cross-Site Scripting (XSS) vulnerability has been discovered in MetInfo CMS version 8.0.... Moderate Unreviewed
CVE-2025-60450 was published Oct 3, 2025
The X Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2025-9204 was published Oct 3, 2025
The Meks Easy Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the post... Moderate Unreviewed
CVE-2025-9206 was published Oct 3, 2025
The Ultimate Multi Design Video Carousel plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2025-9372 was published Oct 3, 2025
The Event Tickets, RSVPs, Calendar plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2025-9875 was published Oct 3, 2025
The A Simple Multilanguage Plugin plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2025-9854 was published Oct 3, 2025
The Ird Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's... Moderate Unreviewed
CVE-2025-9876 was published Oct 3, 2025
The Auto Bulb Finder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2025-9858 was published Oct 3, 2025
The Fintelligence Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed
CVE-2025-9859 was published Oct 3, 2025
The Smart Docs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin... Moderate Unreviewed
CVE-2025-9333 was published Oct 3, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database