Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,850
Erlang
36
GitHub Actions
34
Go
2,480
Maven
5,000+
npm
4,097
NuGet
734
pip
3,910
Pub
12
RubyGems
945
Rust
1,014
Swift
39
Unreviewed advisories
All unreviewed
5,000+

7,915 advisories

Loading
The Related Posts Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2025-9618 was published Aug 30, 2025
github.com/gorilla/csrf improperly validates TrustedOrigins allowing CSRF attacks Moderate
CVE-2025-47909 was published for github.com/gorilla/csrf (Go) Aug 29, 2025
The Ultimate Tag Warrior Importer plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed
CVE-2025-9374 was published Aug 29, 2025
Cross-Site Request Forgery (CSRF) vulnerability in dactum Clickbank WordPress Plugin (Niche... High Unreviewed
CVE-2025-48353 was published Aug 28, 2025
Cross-Site Request Forgery (CSRF) vulnerability in PluginsPoint Kento Splash Screen allows Stored... High Unreviewed
CVE-2025-48351 was published Aug 28, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Metin Saraç Popup for CF7 with Sweet Alert... Moderate Unreviewed
CVE-2025-48363 was published Aug 28, 2025
Cross-Site Request Forgery (CSRF) vulnerability in thaihavnn07 ATT YouTube Widget allows Stored... High Unreviewed
CVE-2025-48359 was published Aug 28, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Saeed Sattar Beglou Hesabfa Accounting allows... Moderate Unreviewed
CVE-2025-48362 was published Aug 28, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Theme Century Century ToolKit allows Cross... Moderate Unreviewed
CVE-2025-48357 was published Aug 28, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Xavier Media XM-Backup allows Stored XSS. This... High Unreviewed
CVE-2025-48109 was published Aug 28, 2025
Cross-Site Request Forgery (CSRF) vulnerability in OffClicks Invisible Optin allows Stored XSS.... High Unreviewed
CVE-2025-48311 was published Aug 28, 2025
Cross-Site Request Forgery (CSRF) vulnerability in wptableeditor Table Editor allows Cross Site... Moderate Unreviewed
CVE-2025-48310 was published Aug 28, 2025
Cross-Site Request Forgery (CSRF) vulnerability in developers savyour Savyour Affiliate Partner... High Unreviewed
CVE-2025-48306 was published Aug 28, 2025
Cross-Site Request Forgery (CSRF) vulnerability in nonletter Newsletter subscription optin module... High Unreviewed
CVE-2025-48308 was published Aug 28, 2025
Cross-Site Request Forgery (CSRF) vulnerability in kasonzhao SEO For Images allows Stored XSS.... High Unreviewed
CVE-2025-48307 was published Aug 28, 2025
Cross-Site Request Forgery (CSRF) vulnerability in shen2 多说社会化评论框 allows Cross Site Request... Moderate Unreviewed
CVE-2025-48318 was published Aug 28, 2025
Cross-Site Request Forgery (CSRF) vulnerability in cuckoohello 百度分享按钮 allows Stored XSS. This... High Unreviewed
CVE-2025-48320 was published Aug 28, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Gary Illyes Google XML News Sitemap plugin... High Unreviewed
CVE-2025-48304 was published Aug 28, 2025
Cross-Site Request Forgery (CSRF) vulnerability in web-able BetPress allows Stored XSS. This... High Unreviewed
CVE-2025-48309 was published Aug 28, 2025
Cross-Site Request Forgery (CSRF) vulnerability in dyiosah Ultimate twitter profile widget allows... High Unreviewed
CVE-2025-48321 was published Aug 28, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Aaron Axelsen WPMU Ldap Authentication allows... High Unreviewed
CVE-2025-48343 was published Aug 28, 2025
Cross-Site Request Forgery (CSRF) vulnerability in shmish111 WP Admin Theme allows Stored XSS.... High Unreviewed
CVE-2025-48325 was published Aug 28, 2025
QuickCMS is vulnerable to Cross-Site Request Forgery in page deletion functionality. Malicious... Moderate Unreviewed
CVE-2025-54541 was published Aug 28, 2025
The Video Share VOD – Turnkey Video Site Builder Script plugin for WordPress is vulnerable to... High Unreviewed
CVE-2025-7812 was published Aug 28, 2025
Cross-Site Request Forgery (CSRF) vulnerability in GeroNikolov Instant Breaking News allows... High Unreviewed
CVE-2025-58217 was published Aug 27, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database