GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,750
Maven: 5,000+
npm: 4,353
NuGet: 765
pip: 4,114
Pub: 12
RubyGems: 960
Rust: 1,069
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
305,653 advisories
The LabTools WordPress plugin through 1.0 does not have proper authorisation and CSRF check in...
Moderate | Unreviewed | CVE-2021-25097 was published Feb 2, 2022

The check_privacy_settings AJAX action of the WordPress GDPR WordPress plugin before 1.9.27,...
Moderate | Unreviewed | CVE-2022-0220 was published Feb 2, 2022

The Asset CleanUp: Page Speed Booster WordPress plugin before 1.3.8.5 does not sanitise and...
Moderate | Unreviewed | CVE-2021-24983 was published Feb 2, 2022

The WOOF WordPress plugin before 1.2.6.3 does not sanitise and escape the woof_redraw_elements...
Moderate | Unreviewed | CVE-2021-25085 was published Feb 2, 2022

The NextScripts: Social Networks Auto-Poster WordPress plugin before 4.3.25 does not have CSRF...
Moderate | Unreviewed | CVE-2021-25072 was published Feb 2, 2022

The Custom Dashboard & Login Page WordPress plugin before 7.0 does not sanitise some of its...
Moderate | Unreviewed | CVE-2021-24944 was published Feb 2, 2022

The Visual CSS Style Editor WordPress plugin before 7.5.4 does not sanitise and escape the...
Moderate | Unreviewed | CVE-2021-24934 was published Feb 2, 2022

The Ninja Tables WordPress plugin before 4.1.8 does not sanitise and escape some of its table...
Moderate | Unreviewed | CVE-2021-24900 was published Feb 2, 2022

The NextScripts: Social Networks Auto-Poster WordPress plugin before 4.3.24 does not sanitise and...
Moderate | Unreviewed | CVE-2021-24975 was published Feb 2, 2022

The Asset CleanUp: Page Speed Booster WordPress plugin before 1.3.8.5 does not escape the...
Moderate | Unreviewed | CVE-2021-24937 was published Feb 2, 2022

The Link Library WordPress plugin before 7.2.9 does not sanitise and escape the settingscopy...
Moderate | Unreviewed | CVE-2021-25091 was published Feb 2, 2022

The Wicked Folders WordPress plugin before 2.8.10 does not sanitise and escape the folder_id...
High | Unreviewed | CVE-2021-24919 was published Feb 2, 2022

The Error Log Viewer WordPress plugin through 1.1.1 does not perform nonce check when deleting a...
Moderate | Unreviewed | CVE-2021-24761 was published Feb 2, 2022

The Domain Check WordPress plugin before 1.0.17 does not sanitise and escape the domain parameter...
Moderate | Unreviewed | CVE-2021-24926 was published Feb 2, 2022

The Perfect Survey WordPress plugin through 1.5.2 does not validate and escape the X-Forwarded...
Moderate | Unreviewed | CVE-2021-24765 was published Feb 2, 2022

The Learning Courses WordPress plugin before 5.0 does not sanitise and escape the Email PDT...
Moderate | Unreviewed | CVE-2021-24707 was published Feb 2, 2022

The Perfect Survey WordPress plugin before 1.5.2 does not validate and escape the question_id GET...
Critical | Unreviewed | CVE-2021-24762 was published Feb 2, 2022

The RegistrationMagic WordPress plugin before 5.0.1.9 does not sanitise and escape the...
Moderate | Unreviewed | CVE-2021-24648 was published Feb 2, 2022

The Document Embedder WordPress plugin before 1.7.9 contains a AJAX action endpoint, which could...
Moderate | Unreviewed | CVE-2021-24868 was published Feb 2, 2022

The Document Embedder WordPress plugin before 1.7.5 contains a REST endpoint, which could allow...
Moderate | Unreviewed | CVE-2021-24775 was published Feb 2, 2022

The Perfect Survey WordPress plugin before 1.5.2 does not have proper authorisation nor CSRF...
High | Unreviewed | CVE-2021-24763 was published Feb 2, 2022

MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the...
High | Unreviewed | CVE-2021-46669 was published Feb 2, 2022

In Eclipse Wakaama, ever since its inception until 2021-01-14, the CoAP parsing code does not...
High | Unreviewed | CVE-2021-41040 was published Feb 2, 2022

MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements...
High | Unreviewed | CVE-2021-46668 was published Feb 2, 2022

The SVG Support WordPress plugin before 2.3.20 does not escape the "CSS Class to target" setting...
Moderate | Unreviewed | CVE-2021-24686 was published Feb 2, 2022
ProTip! Advisories are also available from the GraphQL API.