GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,892
Composer 4,266
Erlang 31
GitHub Actions 21
Go 2,041
Maven 5,224
npm 3,733
NuGet 662
pip 3,414
Pub 12
RubyGems 891
Rust 866
Swift 36

Unreviewed advisories

All unreviewed 238,129

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,063 advisories

Filter by severity

Sort by

Least recently updated

The SMS for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2024-12220 was published Dec 17, 2024

The Stop Registration Spam plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed

CVE-2024-12219 was published Dec 17, 2024

Cross-Site Request Forgery (CSRF) vulnerability in ThemeFusion Avada.This issue affects Avada:... Moderate Unreviewed

CVE-2024-54357 was published Dec 16, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Posti Posti Shipping allows Cross Site Request... Moderate Unreviewed

CVE-2024-56005 was published Dec 16, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Diversified Technology Corp., WPYog, and Gagan... Moderate Unreviewed

CVE-2024-54418 was published Dec 16, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Mansur Ahamed Ui Slider Filter By Price allows... Moderate Unreviewed

CVE-2024-54419 was published Dec 16, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Bastien Ho EELV Newsletter allows Cross Site... Moderate Unreviewed

CVE-2024-54430 was published Dec 16, 2024

Cross-Site Request Forgery (CSRF) vulnerability in brandtoss WP Mailster allows Cross Site... Moderate Unreviewed

CVE-2024-54355 was published Dec 16, 2024

Cross-Site Request Forgery (CSRF) vulnerability in vCita.com Online Booking & Scheduling Calendar... Moderate Unreviewed

CVE-2024-54356 was published Dec 16, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Ryan Bet sport Free allows Cross Site Request... Moderate Unreviewed

CVE-2024-54396 was published Dec 16, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Jake H. Youtube Video Grid allows Exploiting... Moderate Unreviewed

CVE-2024-54408 was published Dec 16, 2024

Cross-Site Request Forgery (CSRF) vulnerability in WPENGINE, INC. Advanced Custom Fields PRO.This... Moderate Unreviewed

CVE-2024-37251 was published Dec 16, 2024

The SIP Calculator plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2024-12555 was published Dec 14, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Hive Support Hive Support – WordPress Help... Moderate Unreviewed

CVE-2024-54321 was published Dec 13, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Neuralabz LTD. AutoWP allows Cross Site... Moderate Unreviewed

CVE-2024-54300 was published Dec 13, 2024

Cross-Site Request Forgery (CSRF) vulnerability in AIpost AIcomments allows Cross Site Request... Moderate Unreviewed

CVE-2024-54307 was published Dec 13, 2024

Cross-Site Request Forgery (CSRF) vulnerability in ilGhera Woocommerce Support System allows... Moderate Unreviewed

CVE-2023-41686 was published Dec 13, 2024

Cross-Site Request Forgery (CSRF) vulnerability in KCT AIKCT Engine Chatbot, ChatGPT, Gemini, GPT... Moderate Unreviewed

CVE-2024-54306 was published Dec 13, 2024

The Themify Store Locator plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2024-12414 was published Dec 13, 2024

The Hello In All Languages plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed

CVE-2024-12572 was published Dec 13, 2024

The Arena.IM – Live Blogging for real-time events plugin for WordPress is vulnerable to Cross... Moderate Unreviewed

CVE-2024-12526 was published Dec 12, 2024

The Password for WP plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2024-11419 was published Dec 12, 2024

The dejure.org Vernetzungsfunktion plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed

CVE-2024-11417 was published Dec 12, 2024

The web application is not protected against cross-site request forgery attacks. Therefore, an... Moderate Unreviewed

CVE-2024-28141 was published Dec 11, 2024

The WPC Order Notes for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed

CVE-2024-12004 was published Dec 11, 2024

Previous 1 2 3 4 5 … 122 123 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,063 advisories