GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 25,028
Composer 5,080
Erlang 39
GitHub Actions 38
Go 2,750
Maven 6,169
npm 4,353
NuGet 765
pip 4,114
Pub 12
RubyGems 960
Rust 1,069
Swift 45

Unreviewed advisories

All unreviewed 280,602

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

305,630 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The King Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2025-7960 was published Dec 13, 2025

The Enter Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin... Moderate Unreviewed

CVE-2025-8687 was published Dec 13, 2025

The Redux Framework plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-9488 was published Dec 13, 2025

The JetWidgets For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2025-8195 was published Dec 13, 2025

Encryption is missing on the configuration interface for Growatt ShineLan-X and MIC 3300TL-X.... Critical Unreviewed

CVE-2025-36751 was published Dec 13, 2025

Growatt ShineLan-X communication dongle has an undocumented backup account with undocumented... Critical Unreviewed

CVE-2025-36752 was published Dec 13, 2025

The SWD debug interface on the Growatt ShineLan-X communication dongle is available by default,... High Unreviewed

CVE-2025-36753 was published Dec 13, 2025

The authentication mechanism on web interface is not properly implemented. It is possible to... Critical Unreviewed

CVE-2025-36754 was published Dec 13, 2025

The Kingcabs theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-7058 was published Dec 13, 2025

A security flaw has been discovered in itsourcecode Student Management System 1.0. This... Moderate Unreviewed

CVE-2025-14588 was published Dec 13, 2025

A vulnerability was identified in itsourcecode Online Pet Shop Management System 1.0. This... Moderate Unreviewed

CVE-2025-14587 was published Dec 13, 2025

The MediaCommander – Bring Folders to Media, Posts, and Pages plugin for WordPress is vulnerable... Moderate Unreviewed

CVE-2025-14508 was published Dec 13, 2025

The HAPPY – Helpdesk Support Ticket System plugin for WordPress is vulnerable to authorization... Moderate Unreviewed

CVE-2025-14581 was published Dec 13, 2025

The The Shortcode Ajax plugin for WordPress is vulnerable to arbitrary shortcode execution in all... Moderate Unreviewed

CVE-2025-14539 was published Dec 13, 2025

ShineLan-X contains a stored cross site scripting (XSS) vulnerability in the local configuration... High Unreviewed

CVE-2025-36748 was published Dec 13, 2025

ShineLan-X contains a stored cross site scripting (XSS) vulnerability in the Plant Name field. A... High Unreviewed

CVE-2025-36750 was published Dec 13, 2025

ShineLan-X contains a set of credentials for an FTP server was found within the firmware,... Critical Unreviewed

CVE-2025-36747 was published Dec 13, 2025

The Emplibot – AI Content Writer with Keyword Research, Infographics, and Linking | SEO Optimized... Moderate Unreviewed

CVE-2025-11970 was published Dec 13, 2025

The WP to LinkedIn Auto Publish plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed

CVE-2025-12077 was published Dec 13, 2025

The Social Media Auto Publish plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed

CVE-2025-12076 was published Dec 13, 2025

The Header Footer Script Adder – Insert Code in Header, Body & Footer plugin for WordPress is... Moderate Unreviewed

CVE-2025-12109 was published Dec 13, 2025

The myCred – Points Management System For Gamification, Ranks, Badges, and Loyalty Program plugin... Moderate Unreviewed

CVE-2025-12362 was published Dec 13, 2025

The Login Lockdown & Protection plugin for WordPress is vulnerable to IP Block Bypass in all... Moderate Unreviewed

CVE-2025-11707 was published Dec 13, 2025

The WP3D Model Import Viewer plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed

CVE-2025-13094 was published Dec 13, 2025

The Devs CRM – Manage tasks, attendance and teams all together plugin for WordPress is vulnerable... Moderate Unreviewed

CVE-2025-13093 was published Dec 13, 2025

Previous 1…3…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

305,630 advisories