Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

131,665 advisories

Loading
Cross-Site Request Forgery (CSRF) vulnerability in Vuong Nguyen WP Security Master allows Cross... Moderate Unreviewed
CVE-2025-49440 was published Jun 6, 2025
Missing Authorization vulnerability in WP Map Plugins Interactive Regional Map of Florida allows... Moderate Unreviewed
CVE-2025-49441 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-49333 was published Jun 6, 2025
Cross-Site Request Forgery (CSRF) vulnerability in codepeople WP Time Slots Booking Form allows... Moderate Unreviewed
CVE-2025-49332 was published Jun 6, 2025
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... Moderate Unreviewed
CVE-2025-49419 was published Jun 6, 2025
Cross-Site Request Forgery (CSRF) vulnerability in minhlaobao Admin Notes allows Cross Site... Moderate Unreviewed
CVE-2025-49446 was published Jun 6, 2025
Cross-Site Request Forgery (CSRF) vulnerability in mariusz88atelierweb Atelier Create CV allows... Moderate Unreviewed
CVE-2025-49439 was published Jun 6, 2025
Cross-Site Request Forgery (CSRF) vulnerability in WP Map Plugins Interactive Regional Map of... Moderate Unreviewed
CVE-2025-49449 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-49443 was published Jun 6, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Hasina77 Wp Easy Allopass allows Cross Site... Moderate Unreviewed
CVE-2025-49435 was published Jun 6, 2025
Cross-Site Request Forgery (CSRF) vulnerability in WP Map Plugins Interactive UK Regional Map... Moderate Unreviewed
CVE-2025-49445 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-49450 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-49442 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-49427 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-49310 was published Jun 6, 2025
Missing Authorization vulnerability in fraudlabspro FraudLabs Pro for WooCommerce allows... Moderate Unreviewed
CVE-2025-49320 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-49309 was published Jun 6, 2025
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Automattic Newspack... Moderate Unreviewed
CVE-2025-49325 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-49318 was published Jun 6, 2025
Cross-Site Request Forgery (CSRF) vulnerability in NTC WP Page Loading allows Cross Site Request... Moderate Unreviewed
CVE-2025-49317 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-49322 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-49311 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-49314 was published Jun 6, 2025
Missing Authorization vulnerability in PickPlugins Job Board Manager allows Exploiting... Moderate Unreviewed
CVE-2025-49324 was published Jun 6, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-49305 was published Jun 6, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database