Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,820
Erlang
36
GitHub Actions
32
Go
2,412
Maven
5,000+
npm
4,050
NuGet
723
pip
3,844
Pub
12
RubyGems
933
Rust
1,004
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,890 advisories

Loading
Cross-Site Request Forgery (CSRF) vulnerability in Juan Carlos WP Mapa Politico España allows... Moderate Unreviewed
CVE-2025-48259 was published May 19, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Bill Minozzi reCAPTCHA for all allows Cross... Moderate Unreviewed
CVE-2025-48243 was published May 19, 2025
A vulnerability, which was classified as problematic, has been found in SourceCodester Online... Moderate Unreviewed
CVE-2025-4887 was published May 18, 2025
The Audio Comments Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2025-4189 was published May 17, 2025
The AlT Monitoring plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2025-4194 was published May 17, 2025
The Wholesale Market WordPress plugin before 2.2.2, Wholesale Market for WooCommerce WordPress... Moderate Unreviewed
CVE-2022-4363 was published May 16, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Javier Revilla ValidateCertify allows Cross... Moderate Unreviewed
CVE-2025-48115 was published May 16, 2025
Cross-Site Request Forgery (CSRF) vulnerability in kamleshyadav Pixel WordPress Form... Moderate Unreviewed
CVE-2025-31915 was published May 16, 2025
Cross-Site Request Forgery (CSRF) vulnerability in themeton Seven Stars allows Cross Site Request... Moderate Unreviewed
CVE-2025-31068 was published May 16, 2025
Cross-Site Request Forgery (CSRF) vulnerability in themeton Spare allows Cross Site Request... Moderate Unreviewed
CVE-2025-31639 was published May 16, 2025
Cross-Site Request Forgery (CSRF) vulnerability in loopus WP Ultimate Tours Builder allows Cross... Moderate Unreviewed
CVE-2025-31921 was published May 16, 2025
The WOOEXIM WordPress plugin through 5.0.0 does not have CSRF check in some places, and is... Moderate Unreviewed
CVE-2025-1288 was published May 15, 2025
The WP-PManager WordPress plugin through 1.2 does not have CSRF check in place when updating its... Moderate Unreviewed
CVE-2025-2247 was published May 15, 2025
The EKC Tournament Manager WordPress plugin before 2.2.2 does not have CSRF check in place when... Moderate Unreviewed
CVE-2024-9711 was published May 15, 2025
The EKC Tournament Manager WordPress plugin before 2.2.2 does not have CSRF check in place when... Moderate Unreviewed
CVE-2024-9709 was published May 15, 2025
The Logo Slider WordPress plugin before 3.7.1 does not have CSRF check in place when updating... Moderate Unreviewed
CVE-2024-9233 was published May 15, 2025
The Free Booking Plugin for Hotels, Restaurants and Car Rentals WordPress plugin before 1.3.15... Moderate Unreviewed
CVE-2024-9450 was published May 15, 2025
The Simple Nav Archives WordPress plugin through 2.1.3 does not have CSRF check in place when... Moderate Unreviewed
CVE-2024-8398 was published May 15, 2025
The GamiPress WordPress plugin before 1.0.1 does not have CSRF check in place when updating its... Moderate Unreviewed
CVE-2024-8245 was published May 15, 2025
The Widgets Reset WordPress plugin through 0.1 does not have CSRF check in place when updating... Moderate Unreviewed
CVE-2024-8082 was published May 15, 2025
The PeoplePond WordPress plugin through 1.1.9 does not have CSRF check in some places, and is... Moderate Unreviewed
CVE-2024-8085 was published May 15, 2025
The Custom Author Base WordPress plugin through 1.1.1 does not have CSRF check in place when... Moderate Unreviewed
CVE-2024-8050 was published May 15, 2025
The webtoffee-gdpr-cookie-consent WordPress plugin before 2.6.1 does not have CSRF checks in some... Moderate Unreviewed
CVE-2024-8286 was published May 15, 2025
The Smooth Gallery Replacement WordPress plugin through 1.0 does not have CSRF check in some... Moderate Unreviewed
CVE-2024-8032 was published May 15, 2025
The Joy Of Text Lite WordPress plugin through 2.3.1 does not have CSRF check in place when... Moderate Unreviewed
CVE-2024-7984 was published May 15, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database