GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,369
Composer 4,373
Erlang 33
GitHub Actions 22
Go 2,135
Maven 5,313
npm 3,797
NuGet 687
pip 3,478
Pub 12
RubyGems 896
Rust 897
Swift 38

Unreviewed advisories

All unreviewed 245,374

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

124,136 advisories

Filter by severity

Sort by

Least recently updated

The Indeed Ultimate Learning Pro plugin for WordPress is vulnerable to time-based SQL Injection... Moderate Unreviewed

CVE-2024-13846 was published Feb 21, 2025

The WP-Appbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's... Moderate Unreviewed

CVE-2025-1489 was published Feb 21, 2025

A vulnerability was found in Baiyi Cloud Asset Management System 8.142.100.161. It has been... Moderate Unreviewed

CVE-2025-1535 was published Feb 21, 2025

The Event Tickets and Registration plugin for WordPress is vulnerable to unauthorized loss of... Moderate Unreviewed

CVE-2025-1402 was published Feb 21, 2025

The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction &... Moderate Unreviewed

CVE-2024-12276 was published Feb 21, 2025

The Ziggeo plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ... Moderate Unreviewed

CVE-2024-12452 was published Feb 21, 2025

The Autoship Cloud for WooCommerce Subscription Products plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-13461 was published Feb 21, 2025

The igumbi Online Booking plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2024-13455 was published Feb 21, 2025

The Maps for WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin... Moderate Unreviewed

CVE-2024-13648 was published Feb 21, 2025

The Head, Footer and Post Injections plugin for WordPress is vulnerable to PHP Code Injection in... Moderate Unreviewed

CVE-2024-13900 was published Feb 21, 2025

The WPExperts Square For GiveWP plugin for WordPress is vulnerable to SQL Injection via the 'post... Moderate Unreviewed

CVE-2024-13713 was published Feb 21, 2025

In Eclipse OMR, from the initial contribution to version 0.4.0, some OMR internal port library... Moderate Unreviewed

CVE-2025-1470 was published Feb 21, 2025

The Events Calendar Made Simple – Pie Calendar plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed

CVE-2025-1410 was published Feb 21, 2025

The C9 Blocks plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to,... Moderate Unreviewed

CVE-2024-13537 was published Feb 21, 2025

The Mini Course Generator | Embed mini-courses and interactive content plugin for WordPress is... Moderate Unreviewed

CVE-2024-13672 was published Feb 21, 2025

The 3D Photo Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2024-13751 was published Feb 21, 2025

The WPUpper Share Buttons plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2024-13883 was published Feb 21, 2025

The Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User... Moderate Unreviewed

CVE-2024-13818 was published Feb 21, 2025

The Newpost Catch plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2025-1406 was published Feb 21, 2025

The AMO Team Showcase plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2025-1407 was published Feb 21, 2025

The Pinpoint Booking System – #1 WordPress Booking Plugin plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-13235 was published Feb 21, 2025

The C9 Admin Dashboard plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG... Moderate Unreviewed

CVE-2024-13379 was published Feb 21, 2025

The TCBD Tooltip plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin... Moderate Unreviewed

CVE-2024-13388 was published Feb 21, 2025

Medixant RadiAnt DICOM Viewer is vulnerable due to failure of the update mechanism to verify the... Moderate Unreviewed

CVE-2025-1001 was published Feb 21, 2025

Cross Site Scripting vulnerabilities in Xunruicms v.4.6.3 and before allows a remote attacker to... Moderate Unreviewed

CVE-2025-25957 was published Feb 21, 2025

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

124,136 advisories