Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,356
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,783
NuGet
683
pip
3,463
Pub
12
RubyGems
893
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+

6,789 advisories

Loading
SAP Commerce, by default, sets certain cookies with the SameSite attribute configured to None ... Moderate Unreviewed
CVE-2025-24875 was published Feb 11, 2025
The WP All Import Pro plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2024-9661 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Scriptonite Simple User Profile allows Stored... High Unreviewed
CVE-2025-25140 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in scweber Custom Comment Notifications allows... High Unreviewed
CVE-2025-25154 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in saleandro Songkick Concerts and Festivals... Moderate Unreviewed
CVE-2025-25146 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Danillo Nunes Login-box allows Stored XSS.... High Unreviewed
CVE-2025-25149 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Stanko Metodiev Quote Comments allows Stored... High Unreviewed
CVE-2025-25156 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in ElbowRobo Read More Copy Link allows Stored... High Unreviewed
CVE-2025-25148 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Mark Barnes Style Tweaker allows Stored XSS.... High Unreviewed
CVE-2025-25160 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Phillip.Gooch Auto SEO allows Stored XSS. This... High Unreviewed
CVE-2025-25147 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in LukaszWiecek Smart DoFollow allows Stored XSS.... High Unreviewed
CVE-2025-25152 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in djjmz Simple Auto Tag allows Stored XSS. This... High Unreviewed
CVE-2025-25153 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in gabrieldarezzo InLocation allows Stored XSS.... High Unreviewed
CVE-2025-25166 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in blackandwhitedigital BookPress – For Book... High Unreviewed
CVE-2025-25168 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in FancyWP Starter Templates by FancyWP allows... Critical Unreviewed
CVE-2025-25106 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in bnielsen Indeed API allows Cross Site Request... Moderate Unreviewed
CVE-2025-25103 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in sainwp OneStore Sites allows Cross Site... Critical Unreviewed
CVE-2025-25107 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in WP Spell Check WP Spell Check allows Cross... Moderate Unreviewed
CVE-2025-25111 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in zmseo ZMSEO allows Stored XSS. This issue... High Unreviewed
CVE-2025-25126 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in xdark Easy Related Posts allows Stored XSS.... High Unreviewed
CVE-2025-25123 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Victor Barkalov Custom Links On Admin... High Unreviewed
CVE-2025-25135 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in orlandolac Facilita Form Tracker allows Stored... High Unreviewed
CVE-2025-25128 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in CyrilG Fyrebox Quizzes allows Stored XSS. This... High Unreviewed
CVE-2025-25125 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in jordan.hatch Infusionsoft Analytics allows... Moderate Unreviewed
CVE-2025-25145 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Rishi On Page SEO + Whatsapp Chat Button... High Unreviewed
CVE-2025-25138 was published Feb 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database