GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,889
Composer 5,066
Erlang 39
GitHub Actions 38
Go 2,701
Maven 6,140
npm 4,328
NuGet 761
pip 4,103
Pub 12
RubyGems 958
Rust 1,064
Swift 45

Unreviewed advisories

All unreviewed 278,842

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

34,544 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Jabbernotification plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via... Moderate Unreviewed

CVE-2025-13622 was published Dec 5, 2025

The Easy Jump Links Menus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2025-13860 was published Dec 5, 2025

The Sermon Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-12368 was published Dec 5, 2025

The PDF Catalog for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2025-12191 was published Dec 5, 2025

The Twitscription plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the... Moderate Unreviewed

CVE-2025-13623 was published Dec 5, 2025

The CoSign Single Signon plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via... Moderate Unreviewed

CVE-2025-13512 was published Dec 5, 2025

The WP-SOS-Donate Donation Sidebar Plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed

CVE-2025-13625 was published Dec 5, 2025

The FitVids for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2025-12124 was published Dec 5, 2025

The SurveyFunnel – Survey Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed

CVE-2025-12417 was published Dec 5, 2025

The Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2025-12804 was published Dec 5, 2025

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed

CVE-2025-13939 was published Dec 5, 2025

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed

CVE-2025-13936 was published Dec 5, 2025

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed

CVE-2025-6946 was published Dec 5, 2025

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed

CVE-2025-13938 was published Dec 5, 2025

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Moderate Unreviewed

CVE-2025-13937 was published Dec 5, 2025

TranzAxis 3.2.41.10.26 allows authenticated users to inject cross-site scripting via the `Open... Moderate Unreviewed

CVE-2025-66574 was published Dec 4, 2025

A vulnerability was identified in JIZHICMS up to 2.5.5. The impacted element is an unknown... Moderate Unreviewed

CVE-2025-14013 was published Dec 4, 2025

Due to a regression introduced in version 3.83.0, a security header is no longer applied to... Moderate Unreviewed

CVE-2025-13488 was published Dec 4, 2025

WEBIGniter 28.7.23 contains a cross-site scripting vulnerability in the user creation process... Moderate Unreviewed

CVE-2023-53735 was published Dec 4, 2025

Stored Cross-Site Scripting (XSS) in the survey-import feature of ObjectPlanet Opinio 7.26... Moderate Unreviewed

CVE-2025-13873 was published Dec 2, 2025

A vulnerability was detected in dayrui XunRuiCMS up to 4.7.1. This affects an unknown part of the... Low Unreviewed

CVE-2025-14007 was published Dec 4, 2025

A security vulnerability has been detected in dayrui XunRuiCMS up to 4.7.1. Affected by this... Moderate Unreviewed

CVE-2025-14006 was published Dec 4, 2025

A weakness has been identified in dayrui XunRuiCMS up to 4.7.1. Affected by this vulnerability is... Moderate Unreviewed

CVE-2025-14005 was published Dec 4, 2025

A stored Cross-Site Scripting (XSS) vulnerability has been found in Seafile v12.0.10. This... Moderate Unreviewed

CVE-2025-41080 was published Dec 4, 2025

A stored Cross-Site Scripting (XSS) vulnerability has been found in Seafile v12.0.10. This... Moderate Unreviewed

CVE-2025-41079 was published Dec 4, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

34,544 advisories