GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
6,952 advisories
Cross Site Request Forgery (CSRF) vulnerability exists in the 'pvmsg.php?action=add_message',...
High | Unreviewed | CVE-2024-51144 was published Mar 5, 2025
The Spreadsheet Integration plugin for WordPress is vulnerable to Cross-Site Request Forgery in...
Moderate | Unreviewed | CVE-2025-1463 was published Mar 5, 2025
The I Am Gloria plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions...
Moderate | Unreviewed | CVE-2025-0990 was published Mar 5, 2025
The bbPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up...
Moderate | Unreviewed | CVE-2025-1435 was published Mar 5, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923...
High | Unreviewed | CVE-2025-27664 was published Mar 5, 2025
Unauthenticated reflected cross-site scripting (XSS) in Uniguest Tripleplay before 24.2.1 allows...
High | Unreviewed | CVE-2024-50705 was published Mar 4, 2025
The Wallet System for WooCommerce – Wallet, Wallet Cashback, Refunds, Partial Payment, Wallet...
Moderate | Unreviewed | CVE-2024-13682 was published Mar 4, 2025
The Newscrunch theme for WordPress is vulnerable to Cross-Site Request Forgery in all versions up...
High | Unreviewed | CVE-2025-1306 was published Mar 4, 2025
A vulnerability was found in shishuocms 1.1 and classified as problematic. This issue affects...
Moderate | Unreviewed | CVE-2025-1891 was published Mar 4, 2025
HCL SX is vulnerable to cross-site request forgery vulnerability which could allow an attacker to...
Moderate | Unreviewed | CVE-2024-30154 was published Mar 3, 2025
Cross Site Request Forgery vulnerability in sell done storefront v.1.0 allows a remote attacker...
Critical | Unreviewed | CVE-2025-26206 was published Mar 3, 2025
Acora CMS version 10.1.1 is vulnerable to Cross-Site Request Forgery (CSRF). This flaw enables...
Moderate | Unreviewed | CVE-2025-25967 was published Mar 3, 2025
Cross-Site Request Forgery (CSRF) vulnerability in NotFound Curated Search allows Stored XSS....
High | Unreviewed | CVE-2025-23502 was published Mar 3, 2025
Cross-Site Request Forgery (CSRF) vulnerability in NotFound WP SpaceContent allows Stored XSS....
High | Unreviewed | CVE-2025-23446 was published Mar 3, 2025
In Bitaxe ESP-Miner before 2.5.0 with AxeOS, one can use an /api/system CSRF attack to update the...
Moderate | Unreviewed | CVE-2025-27579 was published Mar 3, 2025
A vulnerability classified as problematic was found in zj1983 zz up to 2024-08. Affected by this...
Moderate | Unreviewed | CVE-2025-1813 was published Mar 2, 2025
The Simple:Press Forum plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
Moderate | Unreviewed | CVE-2024-13518 was published Mar 1, 2025
Cross Site Request Forgery vulnerability in 07FLYCMS v.1.3.9 allows a remote attacker to execute...
Critical | Unreviewed | CVE-2025-25379 was published Mar 1, 2025
The Wp Social Login and Register Social Counter plugin for WordPress is vulnerable to Cross-Site...
Moderate | Unreviewed | CVE-2025-1506 was published Feb 28, 2025
The RateMyAgent Official plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
Moderate | Unreviewed | CVE-2025-0801 was published Feb 28, 2025
The Cardealer theme for WordPress is vulnerable to Cross-Site Request Forgery in versions up to,...
High | Unreviewed | CVE-2025-1687 was published Feb 28, 2025
A vulnerability has been found in LinZhaoguan pb-cms 2.0 and classified as problematic. This...
Moderate | Unreviewed | CVE-2025-1745 was published Feb 27, 2025
A Cross-Site Request Forgery (CSRF) vulnerability exists in the management console of WSO2...
Moderate | Unreviewed | CVE-2024-0392 was published Feb 27, 2025
The School Management System – SakolaWP plugin for WordPress is vulnerable to Cross-Site Request...
Moderate | Unreviewed | CVE-2024-13647 was published Feb 27, 2025
Cross-Site Request Forgery (CSRF) vulnerability in flowdee ClickWhale allows Cross Site Request...
Moderate | Unreviewed | CVE-2025-26963 was published Feb 25, 2025
ProTip! Advisories are also available from the GraphQL API.