Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

3,556 advisories

Loading
The Logo Showcase with Slick Slider WordPress plugin before 1.2.5 does not have CSRF and... Moderate Unreviewed
CVE-2021-24730 was published Mar 1, 2022
The Logo Showcase with Slick Slider WordPress plugin before 2.0.1 does not have CSRF check in the... Moderate Unreviewed
CVE-2021-24913 was published Mar 1, 2022
The Maps Plugin using Google Maps for WordPress plugin before 1.8.4 does not have CSRF checks in... Moderate Unreviewed
CVE-2021-25081 was published Mar 1, 2022
The Maps Plugin using Google Maps for WordPress plugin before 1.8.1 does not have proper... Moderate Unreviewed
CVE-2021-25011 was published Mar 1, 2022
The Customize WordPress Emails and Alerts WordPress plugin before 1.8.7 does not have... Moderate Unreviewed
CVE-2022-0345 was published Mar 1, 2022
The Simple Membership WordPress plugin before 4.0.9 does not have CSRF check when deleting... Moderate Unreviewed
CVE-2022-0328 was published Mar 1, 2022
Cross-site request forgery (CSRF) vulnerability in EC-CUBE plugin 'Mail Magazine Management... Moderate Unreviewed
CVE-2022-21179 was published Feb 25, 2022
The Coming soon and Maintenance mode WordPress plugin before 3.6.8 does not have authorisation... Moderate Unreviewed
CVE-2022-0164 was published Feb 22, 2022
The Coming soon and Maintenance mode WordPress plugin before 3.6.8 does not have CSRF check in... Moderate Unreviewed
CVE-2022-0199 was published Feb 22, 2022
The Float menu WordPress plugin before 4.3.1 does not have CSRF check in place when deleting menu... Moderate Unreviewed
CVE-2022-0313 was published Feb 22, 2022
Cross-Site Request Forgery (CSRF) vulnerability leading to event deletion was discovered in... Moderate Unreviewed
CVE-2022-25599 was published Feb 22, 2022
Plesk 18.0.37 is affected by a Cross Site Request Forgery (CSRF) vulnerability that allows an... Moderate Unreviewed
CVE-2021-45007 was published Feb 21, 2022
Cross-Site Request Forgery microweber Moderate
CVE-2022-0638 was published for microweber/microweber (Composer) Feb 18, 2022
A Cross-Site Request Forgery (CSRF) in RequirementsBypassPage.php of Scratch Wiki scratch... Moderate Unreviewed
CVE-2021-46252 was published Feb 17, 2022
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers... Moderate Unreviewed
CVE-2021-43952 was published Feb 16, 2022
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers... Moderate Unreviewed
CVE-2021-43953 was published Feb 16, 2022
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to modify... Moderate Unreviewed
CVE-2021-43941 was published Feb 16, 2022
Jenkins Snow Commander Plugin 2.0 vulnerable to Cross-Site Request Forgery Moderate
CVE-2022-25192 was published for io.jenkins.plugins:embotics-vcommander (Maven) Feb 16, 2022
NotMyFault
CSRF vulnerability in Jenkins Checkmarx Plugin allow capturing credentials Moderate
CVE-2022-25200 was published for com.checkmarx.jenkins:checkmarx (Maven) Feb 16, 2022
NotMyFault
CSRF vulnerability in Jenkins SWAMP Plugin allows capturing credentials Moderate
CVE-2022-25212 was published for org.continuousassurance.swamp.jenkins:swamp (Maven) Feb 16, 2022
NotMyFault
Cross-Site Request Forgery in mm_forum Moderate Unreviewed
CVE-2020-15516 was published Feb 15, 2022
The Remove Footer Credit WordPress plugin before 1.0.6 does not have CSRF check in place when... Moderate Unreviewed
CVE-2021-24446 was published Feb 15, 2022
The Entity Embed module provides a filter to allow embedding entities in content fields. In... Moderate Unreviewed
CVE-2020-13673 was published Feb 12, 2022
Cross-Site Request Forgery in Drupal core Moderate
CVE-2020-13674 was published for drupal/core (Composer) Feb 12, 2022
tdunlap607
phoronix-test-suite is vulnerable to Cross-Site Request Forgery (CSRF) Moderate Unreviewed
CVE-2022-0238 was published Feb 11, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database