Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,632
Erlang
34
GitHub Actions
25
Go
2,229
Maven
5,000+
npm
3,897
NuGet
701
pip
3,662
Pub
12
RubyGems
914
Rust
943
Swift
38
Unreviewed advisories
All unreviewed
5,000+

7,283 advisories

Loading
Cross-Site Request Forgery (CSRF) vulnerability in NotFound WPJobBoard allows Cross Site Request... Moderate Unreviewed
CVE-2025-30965 was published Apr 15, 2025
gorilla/csrf CSRF vulnerability due to broken Referer validation Moderate
CVE-2025-24358 was published for github.com/gorilla/csrf (Go) Apr 14, 2025
patrickod
A vulnerability was found in ghostxbh uzy-ssm-mall 1.0.0. It has been classified as problematic.... Moderate Unreviewed
CVE-2025-3561 was published Apr 14, 2025
Cross-Site Request Forgery (CSRF) vulnerability in wphocus My auctions allegro allows Stored XSS... High Unreviewed
CVE-2025-27009 was published Apr 14, 2025
A vulnerability, which was classified as problematic, has been found in ScriptAndTools eCommerce... Moderate Unreviewed
CVE-2025-3557 was published Apr 14, 2025
The Clearfy Cache – WordPress optimization plugin, Minify HTML, CSS & JS, Defer plugin for... Moderate Unreviewed
CVE-2024-13337 was published Apr 12, 2025
The Clearfy Cache – WordPress optimization plugin, Minify HTML, CSS & JS, Defer plugin for... Moderate Unreviewed
CVE-2024-13338 was published Apr 12, 2025
The WordPress Mega Menu – QuadMenu plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed
CVE-2025-2871 was published Apr 12, 2025
Cross-Site Request Forgery (CSRF) vulnerability in ShareThis ShareThis Dashboard for Google... Moderate Unreviewed
CVE-2025-32282 was published Apr 10, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Brizy Brizy Pro allows Cross Site Request... Moderate Unreviewed
CVE-2025-26902 was published Apr 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in epeken Epeken All Kurir allows Stored XSS.... High Unreviewed
CVE-2025-32673 was published Apr 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Ashish Ajani WP Show Stats allows Cross Site... Moderate Unreviewed
CVE-2025-32678 was published Apr 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in fromdoppler Doppler Forms allows Stored XSS.... High Unreviewed
CVE-2025-32667 was published Apr 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in ZealousWeb User Registration Using Contact... Moderate Unreviewed
CVE-2025-32679 was published Apr 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in MERGADO Mergado Pack allows Stored XSS. This... High Unreviewed
CVE-2025-32669 was published Apr 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Drupal ECA: Event - Condition - Action allows... Moderate Unreviewed
CVE-2025-3131 was published Apr 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Kevon Adonis WP Abstracts allows Cross Site... High Unreviewed
CVE-2025-32591 was published Apr 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in ip2location IP2Location World Clock allows... High Unreviewed
CVE-2025-32644 was published Apr 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Ydesignservices Multiple Location Google Map... High Unreviewed
CVE-2025-32617 was published Apr 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in KeyCAPTCHA KeyCAPTCHA allows Stored XSS. This... High Unreviewed
CVE-2025-32619 was published Apr 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in appsbd Vite Coupon allows Remote Code... Critical Unreviewed
CVE-2025-32642 was published Apr 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in anantaddons Anant Addons for Elementor allows... Critical Unreviewed
CVE-2025-32641 was published Apr 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in plainware PlainInventory allows Stored XSS.... High Unreviewed
CVE-2025-32623 was published Apr 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Vsourz Digital WP Map Route Planner allows... High Unreviewed
CVE-2025-32621 was published Apr 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Hiren Patel Custom Posts Order allows Stored... High Unreviewed
CVE-2025-32645 was published Apr 9, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database