Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,856
Erlang
36
GitHub Actions
36
Go
2,488
Maven
5,000+
npm
4,104
NuGet
735
pip
3,923
Pub
12
RubyGems
945
Rust
1,017
Swift
39
Unreviewed advisories
All unreviewed
5,000+

7,950 advisories

Loading
QuickCMS is vulnerable to Cross-Site Request Forgery in article creation functionality. Malicious... Moderate Unreviewed
CVE-2025-54174 was published Aug 20, 2025
The Easy Digital Downloads plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed
CVE-2025-8102 was published Aug 20, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Realtyna Realtyna Organic IDX plugin allows... High Unreviewed
CVE-2025-54052 was published Aug 20, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Dourou Cookie Warning allows Cross Site... Moderate Unreviewed
CVE-2025-49426 was published Aug 20, 2025
Cross-Site Request Forgery (CSRF) vulnerability in wptasker WP Discord Post Plus – ... Moderate Unreviewed
CVE-2025-49896 was published Aug 20, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Fetch Designs Sign-up Sheets allows Cross Site... Moderate Unreviewed
CVE-2025-49391 was published Aug 20, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Basix NEX-Forms allows Cross Site Request... High Unreviewed
CVE-2025-49399 was published Aug 20, 2025
Cross-Site Request Forgery (CSRF) vulnerability in DexignZone JobZilla - Job Board WordPress... High Unreviewed
CVE-2025-49382 was published Aug 20, 2025
Cross-Site Request Forgery (CSRF) vulnerability in ads.txt Guru ads.txt Guru Connect allows Cross... Critical Unreviewed
CVE-2025-49381 was published Aug 20, 2025
Liferay Portal CSRF Vulnerability via Endpoint Parameter Moderate
CVE-2025-43745 was published for com.liferay.portal:release.portal.bom (Maven) Aug 19, 2025
The Last.fm Recent Album Artwork plugin for WordPress is vulnerable to Cross-Site Request Forgery... Moderate Unreviewed
CVE-2025-7684 was published Aug 16, 2025
The weichuncai(WP伪春菜) plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2025-7686 was published Aug 16, 2025
The LatestCheckins plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2025-7683 was published Aug 16, 2025
The Linux Promotional Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed
CVE-2025-7668 was published Aug 16, 2025
Cross-Site Request Forgery (CSRF) vulnerability in iThemes ServerBuddy by PluginBuddy.Com allows... High Unreviewed
CVE-2025-49895 was published Aug 16, 2025
The Add User Meta plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2025-7688 was published Aug 15, 2025
A vulnerability has been found in mtons mblog up to 3.5.0. Affected by this issue is some unknown... Moderate Unreviewed
CVE-2025-8992 was published Aug 15, 2025
Cross-Site Request Forgery (CSRF) vulnerability in ApusTheme Findgo allows Cross Site Request... High Unreviewed
CVE-2025-53587 was published Aug 14, 2025
Cross-Site Request Forgery (CSRF) vulnerability in hakeemnala Build App Online allows Cross Site... Moderate Unreviewed
CVE-2025-53249 was published Aug 14, 2025
Cross-Site Request Forgery (CSRF) vulnerability in CreativeMindsSolutions CM On Demand Search And... Moderate Unreviewed
CVE-2025-54728 was published Aug 14, 2025
Cross-Site Request Forgery (CSRF) vulnerability in pl4g4 WP-Database-Optimizer-Tools allows Cross... Moderate Unreviewed
CVE-2025-53219 was published Aug 14, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Laborator Kalium allows Cross Site Request... Moderate Unreviewed
CVE-2025-53347 was published Aug 14, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Shahjada WPDM – Premium Packages allows Cross... Moderate Unreviewed
CVE-2025-54732 was published Aug 14, 2025
Cross-Site Request Forgery (CSRF) vulnerability in flexostudio flexo-social-gallery allows Cross... Moderate Unreviewed
CVE-2025-52769 was published Aug 14, 2025
Cross-Site Request Forgery (CSRF) vulnerability in josepsitjar StoryMap allows SQL Injection.... High Unreviewed
CVE-2025-52797 was published Aug 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database