GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,356
Erlang
33
GitHub Actions
22
Go
2,121
Maven
5,000+
npm
3,783
NuGet
683
pip
3,465
Pub
12
RubyGems
893
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+
6,789 advisories
Filter by severity
Cross-Site Request Forgery (CSRF) vulnerability in SysBasics Customize My Account for WooCommerce...
Moderate
Unreviewed
CVE-2023-51369
was published
Mar 15, 2024
Cross-Site Request Forgery (CSRF) vulnerability in MailMunch MailChimp Forms by MailMunch.This...
Moderate
Unreviewed
CVE-2024-31378
was published
Apr 15, 2024
Aten PE8108 2.4.232 is vulnerable to Cross Site Request Forgery (CSRF).
Moderate
Unreviewed
CVE-2023-25411
was published
Apr 11, 2023
SAP Commerce, by default, sets certain cookies with the SameSite attribute configured to None ...
Moderate
Unreviewed
CVE-2025-24875
was published
Feb 11, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Zaytech Smart Online Order for Clover.This...
Moderate
Unreviewed
CVE-2024-31238
was published
Apr 12, 2024
Magento cross-site request forgery (CSRF) vulnerability via the GraphQL API
Moderate
CVE-2021-21027
was published
for
magento/community-edition
(Composer)
May 24, 2022
A vulnerability, which was classified as problematic, was found in SourceCodester Simple...
Moderate
Unreviewed
CVE-2024-5097
was published
May 19, 2024
The Gestpay for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in...
Moderate
Unreviewed
CVE-2024-0433
was published
Feb 28, 2024
The Gestpay for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in...
Moderate
Unreviewed
CVE-2024-0432
was published
Feb 28, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs Paid Member Subscriptions.This...
Moderate
Unreviewed
CVE-2023-51522
was published
Mar 15, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Themify Themify Builder.This issue affects...
Moderate
Unreviewed
CVE-2024-24872
was published
Feb 21, 2024
The WP All Import Pro plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
Moderate
Unreviewed
CVE-2024-9661
was published
Feb 7, 2025
The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Cross-Site...
Moderate
Unreviewed
CVE-2024-1446
was published
May 22, 2024
Cross-Site Request Forgery (CSRF) vulnerability in jordan.hatch Infusionsoft Analytics allows...
Moderate
Unreviewed
CVE-2025-25145
was published
Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Rishi On Page SEO + Whatsapp Chat Button...
High
Unreviewed
CVE-2025-25138
was published
Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Scriptonite Simple User Profile allows Stored...
High
Unreviewed
CVE-2025-25140
was published
Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in ibasit GlobalQuran allows Cross Site Request...
Moderate
Unreviewed
CVE-2025-25143
was published
Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Cynob IT Consultancy WP Custom Post RSS Feed...
High
Unreviewed
CVE-2025-25139
was published
Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in scweber Custom Comment Notifications allows...
High
Unreviewed
CVE-2025-25154
was published
Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in saleandro Songkick Concerts and Festivals...
Moderate
Unreviewed
CVE-2025-25146
was published
Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Stanko Metodiev Quote Comments allows Stored...
High
Unreviewed
CVE-2025-25156
was published
Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in ElbowRobo Read More Copy Link allows Stored...
High
Unreviewed
CVE-2025-25148
was published
Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in LukaszWiecek Smart DoFollow allows Stored XSS....
High
Unreviewed
CVE-2025-25152
was published
Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Mark Barnes Style Tweaker allows Stored XSS....
High
Unreviewed
CVE-2025-25160
was published
Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Nirmal Kumar Ram WP Social Stream allows...
High
Unreviewed
CVE-2025-25074
was published
Feb 7, 2025
ProTip!
Advisories are also available from the
GraphQL API