GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
238,521 advisories
Filter by severity
The Revolut Gateway for WooCommerce plugin for WordPress is vulnerable to unauthorized...
Moderate
Unreviewed
CVE-2024-8678
was published
Sep 25, 2024
The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible...
High
Unreviewed
CVE-2024-8290
was published
Sep 25, 2024
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Sensitive...
Moderate
Unreviewed
CVE-2024-8910
was published
Sep 25, 2024
The LiteSpeed Cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via plugin...
Moderate
Unreviewed
CVE-2024-9169
was published
Sep 25, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate
Unreviewed
CVE-2024-47303
was published
Sep 25, 2024
The Ninja Forms Contact Form plugin for WordPress is vulnerable to Reflected Self-Based Cross...
Moderate
Unreviewed
CVE-2024-3866
was published
Sep 25, 2024
The Themesflat Addons For Elementor plugin for WordPress is vulnerable to Information Exposure in...
Moderate
Unreviewed
CVE-2024-8516
was published
Sep 25, 2024
The myCred – Loyalty Points and Rewards plugin for WordPress and WooCommerce – Give Points, Ranks...
Moderate
Unreviewed
CVE-2024-8658
was published
Sep 25, 2024
The Chatbot with ChatGPT WordPress plugin before 2.4.6 does not have proper authorization in one...
Moderate
Unreviewed
CVE-2024-6845
was published
Sep 25, 2024
The adstxt Plugin WordPress plugin through 1.0.0 does not have CSRF check in place when updating...
Moderate
Unreviewed
CVE-2024-7892
was published
Sep 25, 2024
The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution ...
Moderate
Unreviewed
CVE-2024-8668
was published
Sep 25, 2024
The The Events Calendar plugin for WordPress is vulnerable to SQL Injection via the 'order'...
Critical
Unreviewed
CVE-2024-8275
was published
Sep 25, 2024
The Themesflat Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-8515
was published
Sep 25, 2024
The Prisna GWT – Google Website Translator plugin for WordPress is vulnerable to PHP Object...
Critical
Unreviewed
CVE-2024-8514
was published
Sep 25, 2024
The WordPress Simple HTML Sitemap plugin for WordPress is vulnerable to SQL Injection via the 'id...
Critical
Unreviewed
CVE-2024-7385
was published
Sep 25, 2024
The WP ULike WordPress plugin before 4.7.4 does not sanitise and escape some of its settings,...
Moderate
Unreviewed
CVE-2024-7878
was published
Sep 25, 2024
The WP GPX Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin...
Moderate
Unreviewed
CVE-2024-9028
was published
Sep 25, 2024
The Graphicsly – The ultimate graphics plugin for WordPress website builder ( Gutenberg,...
Moderate
Unreviewed
CVE-2024-9069
was published
Sep 25, 2024
The Daily Prayer Time plugin for WordPress is vulnerable to SQL Injection via the 'max_word'...
Critical
Unreviewed
CVE-2024-8621
was published
Sep 25, 2024
The WPZOOM Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate
Unreviewed
CVE-2024-9027
was published
Sep 25, 2024
The OneElements – Best Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-9068
was published
Sep 25, 2024
The Material Design Icons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate
Unreviewed
CVE-2024-9024
was published
Sep 25, 2024
The GutenGeek Free Gutenberg Blocks for WordPress plugin for WordPress is vulnerable to Stored...
Moderate
Unreviewed
CVE-2024-9073
was published
Sep 25, 2024
The Simple Calendar – Google Calendar Plugin plugin for WordPress is vulnerable to Reflected...
Moderate
Unreviewed
CVE-2024-8549
was published
Sep 25, 2024
The Kodex Posts likes plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to...
Moderate
Unreviewed
CVE-2024-8713
was published
Sep 25, 2024
ProTip!
Advisories are also available from the
GraphQL API