GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,912
Composer 5,067
Erlang 39
GitHub Actions 38
Go 2,717
Maven 6,143
npm 4,328
NuGet 761
pip 4,105
Pub 12
RubyGems 958
Rust 1,065
Swift 45

Unreviewed advisories

All unreviewed 278,989

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

3,906 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Search, Filters & Merchandising for WooCommerce plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2025-12091 was published Dec 6, 2025

The Accessiy By CodeConfig Accessibility – Easy One-Click Accessibility Toolbar That Truly... Moderate Unreviewed

CVE-2025-13309 was published Dec 6, 2025

The Accessiy By CodeConfig Accessibility plugin for WordPress is vulnerable to unauthorized page... Moderate Unreviewed

CVE-2025-13358 was published Dec 6, 2025

The Helloprint plugin for WordPress is vulnerable to Missing Authorization in versions up to, and... Moderate Unreviewed

CVE-2025-13666 was published Dec 6, 2025

The Listar – Directory Listing & Classifieds WordPress Plugin plugin for WordPress is vulnerable... Moderate Unreviewed

CVE-2025-12574 was published Dec 6, 2025

The Listar – Directory Listing & Classifieds WordPress Plugin plugin for WordPress is vulnerable... Moderate Unreviewed

CVE-2025-12577 was published Dec 6, 2025

The g-FFL Cockpit plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed

CVE-2025-12721 was published Dec 6, 2025

The Projectopia – WordPress Project Management plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed

CVE-2025-12876 was published Dec 5, 2025

The Wp Social Login and Register Social Counter plugin for WordPress is vulnerable to missing... Moderate Unreviewed

CVE-2025-13620 was published Dec 5, 2025

The Voidek Employee Portal plugin for WordPress is vulnerable to unauthorized access due to a... Moderate Unreviewed

CVE-2025-12093 was published Dec 5, 2025

The Payaza plugin for WordPress is vulnerable to unauthorized modification of data due to a... Moderate Unreviewed

CVE-2025-12355 was published Dec 5, 2025

The Live CSS Preview plugin for WordPress is vulnerable to unauthorized modification of data due... Moderate Unreviewed

CVE-2025-12354 was published Dec 5, 2025

The EPROLO Dropshipping plugin for WordPress is vulnerable to unauthorized modification of data... Moderate Unreviewed

CVE-2025-12133 was published Dec 5, 2025

The Webcake – Landing Page Builder plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed

CVE-2025-12165 was published Dec 5, 2025

The Takeads plugin for WordPress is vulnerable to authorization bypass in all versions up to, and... Moderate Unreviewed

CVE-2025-12370 was published Dec 5, 2025

The CRM Memberships plugin for WordPress is vulnerable to unauthorized membership tag creation... Moderate Unreviewed

CVE-2025-13312 was published Dec 5, 2025

The Feedback Modal for Website plugin for WordPress is vulnerable to unauthorized access of data... Moderate Unreviewed

CVE-2025-13528 was published Dec 5, 2025

A vulnerability in Synology Mail Server allows remote authenticated attackers to read and write... Moderate Unreviewed

CVE-2025-2848 was published Dec 4, 2025

The Custom Post Type UI plugin for WordPress is vulnerable to authorization bypass in all... Moderate Unreviewed

CVE-2025-12826 was published Dec 4, 2025

The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to authorization... Moderate Unreviewed

CVE-2025-12782 was published Dec 4, 2025

The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress is... Moderate Unreviewed

CVE-2025-13354 was published Dec 3, 2025

The Post SMTP plugin for WordPress is vulnerable to authorization bypass in all versions up to,... Moderate Unreviewed

CVE-2025-12887 was published Dec 3, 2025

The Fluent Booking plugin for WordPress is vulnerable to unauthorized calendar import and... Moderate Unreviewed

CVE-2025-13756 was published Dec 3, 2025

BlazeMeter Jenkins Plugin is Missing Authorization for Available Resources Moderate

CVE-2025-13472 was published for com.blazemeter.plugins:BlazeMeterJenkinsPlugin (Maven) Dec 3, 2025

The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for... Moderate Unreviewed

CVE-2025-10304 was published Dec 3, 2025

Previous1…157 Next

Previous 1 2 3 4 5 … 156 157 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,906 advisories