GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,395
Composer 4,950
Erlang 39
GitHub Actions 38
Go 2,603
Maven 6,053
npm 4,250
NuGet 755
pip 4,013
Pub 12
RubyGems 953
Rust 1,048
Swift 45

Unreviewed advisories

All unreviewed 274,767

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

32,913 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-48093 was published Oct 22, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-48092 was published Oct 22, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-48097 was published Oct 22, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-48095 was published Oct 22, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-48098 was published Oct 22, 2025

The This-or-That plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin... Moderate Unreviewed

CVE-2025-10138 was published Oct 22, 2025

The Bg Book Publisher plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-11867 was published Oct 22, 2025

The Print Button Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2025-11810 was published Oct 22, 2025

The Simple Youtube Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2025-11811 was published Oct 22, 2025

The Responsive iframe GoogleMap plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2025-11813 was published Oct 22, 2025

The Cinza Grid plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-11824 was published Oct 22, 2025

The SM CountDown Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2025-11880 was published Oct 22, 2025

The WP Restaurant Listings plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2025-11830 was published Oct 22, 2025

The JB News Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id'... Moderate Unreviewed

CVE-2025-11804 was published Oct 22, 2025

The WP Responsive Meet The Team plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2025-11818 was published Oct 22, 2025

The WP-Thumbnail plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-11819 was published Oct 22, 2025

The Oboxmedia Ads plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-11827 was published Oct 22, 2025

The WP-Force Images Download plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2025-11809 was published Oct 22, 2025

The ST Categories Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2025-11878 was published Oct 22, 2025

The Simple Banner – Easily add multiple Banners/Bars/Notifications/Announcements to the top or... Moderate Unreviewed

CVE-2025-12033 was published Oct 22, 2025

The WP AD Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-11834 was published Oct 22, 2025

The Responsive Progress Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2025-11883 was published Oct 22, 2025

The Playerzbr plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'urlmeta'... Moderate Unreviewed

CVE-2025-11825 was published Oct 22, 2025

The Simple Business Data plugin for WordPress is vulnerable to Stored Cross-Site Scripting via ... Moderate Unreviewed

CVE-2025-11870 was published Oct 22, 2025

The Simple Tableau Viz plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-11817 was published Oct 22, 2025

Previous 1…4…400 Next

Previous 1 2 3 4 5 6 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

32,913 advisories