GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,675
Maven: 5,000+
npm: 4,297
NuGet: 760
pip: 4,077
Pub: 12
RubyGems: 957
Rust: 1,058
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
132,730 advisories
The Social Images Widget plugin for WordPress is vulnerable to unauthorized modification of data...
Moderate · Unreviewed · CVE-2025-13386 was published Nov 25, 2025
The ProjectList plugin for WordPress is vulnerable to time-based SQL Injection via the 'id'...
Moderate · Unreviewed · CVE-2025-13370 was published Nov 25, 2025
The Conditional Maintenance Mode for WordPress plugin for WordPress is vulnerable to Cross-Site...
Moderate · Unreviewed · CVE-2025-12586 was published Nov 25, 2025
The Chamber Dashboard Business Directory plugin for WordPress is vulnerable to unauthorized data...
Moderate · Unreviewed · CVE-2025-13414 was published Nov 25, 2025
The Job Board by BestWebSoft plugin for WordPress is vulnerable to Stored Cross-Site Scripting in...
Moderate · Unreviewed · CVE-2025-13383 was published Nov 25, 2025
The Autochat Automatic Conversation plugin for WordPress is vulnerable to unauthorized...
Moderate · Unreviewed · CVE-2025-12043 was published Nov 25, 2025
An integer underflow vulnerability has been identified in Aicloud. An authenticated attacker may...
Moderate · Unreviewed · CVE-2025-59368 was published Nov 25, 2025
The Admin and Customer Messages After Order for WooCommerce: OrderConvo plugin for WordPress is...
Moderate · Unreviewed · CVE-2025-13452 was published Nov 25, 2025
The atec Duplicate Page & Post plugin for WordPress is vulnerable to unauthorized post...
Moderate · Unreviewed · CVE-2025-13404 was published Nov 25, 2025
The Locker Content plugin for WordPress is vulnerable to Sensitive Information Exposure in...
Moderate · Unreviewed · CVE-2025-12525 was published Nov 25, 2025
A SQL injection vulnerability has been identified in bwdpi. A remote, authenticated attacker...
Moderate · Unreviewed · CVE-2025-59369 was published Nov 25, 2025
The Peer Publish plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions...
Moderate · Unreviewed · CVE-2025-12587 was published Nov 25, 2025
Incorrect default permissions issue exists in Security Point (Windows) of MaLion prior to Ver.5.3...
Moderate · Unreviewed · CVE-2025-59485 was published Nov 25, 2025
A path traversal vulnerability has been identified in certain router models. A remote,...
Moderate · Unreviewed · CVE-2025-59372 was published Nov 25, 2025
The Admin and Customer Messages After Order for WooCommerce: OrderConvo plugin for WordPress is...
Moderate · Unreviewed · CVE-2025-13389 was published Nov 25, 2025
The Inline frame – Iframe plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate · Unreviewed · CVE-2025-12645 was published Nov 25, 2025
The Bookme – Free Online Appointment Booking and Scheduling Plugin for WordPress is vulnerable to...
Moderate · Unreviewed · CVE-2025-13385 was published Nov 25, 2025
The Just Highlight plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ...
Moderate · Unreviewed · CVE-2025-13311 was published Nov 25, 2025
The Frontend File Manager Plugin for WordPress is vulnerable to Insecure Direct Object Reference...
Moderate · Unreviewed · CVE-2025-13382 was published Nov 25, 2025
The AI Engine for WordPress: ChatGPT, GPT Content Generator plugin for WordPress is vulnerable to...
Moderate · Unreviewed · CVE-2025-13380 was published Nov 25, 2025
A stack buffer overflow vulnerability has been identified in certain router models. An...
Moderate · Unreviewed · CVE-2025-59365 was published Nov 25, 2025
The Ace Post Type Builder plugin for WordPress is vulnerable to unauthorized custom taxonomy...
Moderate · Unreviewed · CVE-2025-13405 was published Nov 25, 2025
The Refund Request for WooCommerce plugin for WordPress is vulnerable to unauthorized...
Moderate · Unreviewed · CVE-2025-12634 was published Nov 25, 2025
The Wishlist for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object...
Moderate · Unreviewed · CVE-2025-12040 was published Nov 25, 2025
The Zweb Social Mobile – Ứng Dụng Nút Gọi Mobile plugin for WordPress is vulnerable to Stored...
Moderate · Unreviewed · CVE-2025-12032 was published Nov 25, 2025
ProTip! Advisories are also available from the GraphQL API.