Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,685
Maven
5,000+
npm
4,318
NuGet
760
pip
4,092
Pub
12
RubyGems
958
Rust
1,063
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

7,462 advisories

Loading
The SurveyJS: Drag & Drop WordPress Form Builder plugin for WordPress is vulnerable to Cross-Site... Moderate Unreviewed
CVE-2025-13140 was published Dec 2, 2025
The Photo Gallery by Ays plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2025-13685 was published Dec 2, 2025
The Export All Posts, Products, Orders, Refunds & Users plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-13606 was published Dec 2, 2025
A cross-site request forgery (csrf) vulnerability exists in the WEBVIEW-M functionality of... High Unreviewed
CVE-2024-53684 was published Dec 1, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Tekrom Technology Inc. T-Soft E-Commerce... Moderate Unreviewed
CVE-2025-13296 was published Dec 1, 2025
A vulnerability was determined in Scada-LTS up to 2.7.8.1. This impacts an unknown function. This... Moderate Unreviewed
CVE-2025-13790 was published Nov 30, 2025
Cross-Site Request Forgery (CSRF) vulnerability in HCL Technologies Ltd. Unica 12.0.0. Moderate Unreviewed
CVE-2025-51733 was published Nov 28, 2025
The Nextend Social Login and Register plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed
CVE-2025-13737 was published Nov 28, 2025
The Poll, Survey & Quiz Maker Plugin by Opinion Stage plugin for WordPress is vulnerable to Cross... Moderate Unreviewed
CVE-2025-13143 was published Nov 27, 2025
The Reuters Direct plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2025-12578 was published Nov 27, 2025
The Conditional Maintenance Mode for WordPress plugin for WordPress is vulnerable to Cross-Site... Moderate Unreviewed
CVE-2025-12586 was published Nov 25, 2025
The Peer Publish plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... Moderate Unreviewed
CVE-2025-12587 was published Nov 25, 2025
Cross-site request forgery vulnerability exists in SNC-CX600W versions prior to Ver.2.8.0. If a... Low Unreviewed
CVE-2025-62497 was published Nov 25, 2025
Cross-Site Request Forgery (CSRF) vulnerability in the OAuth implementation of the Tuya SDK 6.5.0... High Unreviewed
CVE-2025-56400 was published Nov 24, 2025
A Cross-Site Request Forgery (CSRF) in the /mwapi?method=add-user component of Magewell Pro... Moderate Unreviewed
CVE-2025-63952 was published Nov 24, 2025
A Cross-Site Request Forgery (CSRF) in the /usapi?method=add-user component of Magewell Pro... Moderate Unreviewed
CVE-2025-63953 was published Nov 24, 2025
The Zegen Core plugin for WordPress is vulnerable to Cross-Site Request Forgery to Arbitrary File... High Unreviewed
CVE-2025-11087 was published Nov 21, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Igor Jerosimić I Order Terms i-order-terms... Moderate Unreviewed
CVE-2025-66097 was published Nov 21, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Craig Hewitt Seriously Simple Podcasting... Moderate Unreviewed
CVE-2025-66061 was published Nov 21, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Syed Balkhi Giveaways and Contests by... Moderate Unreviewed
CVE-2025-66064 was published Nov 21, 2025
The AuthorSure plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... Moderate Unreviewed
CVE-2025-13134 was published Nov 21, 2025
The Custom Post Type plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2025-13142 was published Nov 21, 2025
Cross-site request forgery vulnerability exists in LogStare Collector. If a user views a crafted... Moderate Unreviewed
CVE-2025-62687 was published Nov 21, 2025
A Cross-Site Request Forgery (CSRF) vulnerability was identified in HCL Glovius Cloud. An... Moderate Unreviewed
CVE-2025-62346 was published Nov 20, 2025
The SureForms plugin for WordPress is vulnerable to Cross-Site Request Forgery Bypass in all... Moderate Unreviewed
CVE-2025-12535 was published Nov 19, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database