GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,369
Composer 4,373
Erlang 33
GitHub Actions 22
Go 2,135
Maven 5,313
npm 3,797
NuGet 687
pip 3,478
Pub 12
RubyGems 896
Rust 897
Swift 38

Unreviewed advisories

All unreviewed 245,374

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

245,374 advisories

Filter by severity

Sort by

Least recently updated

The DeBounce Email Validator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting... Moderate Unreviewed

CVE-2024-11463 was published Nov 23, 2024

The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is... Moderate Unreviewed

CVE-2024-10606 was published Nov 23, 2024

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Local File... High Unreviewed

CVE-2024-10873 was published Nov 23, 2024

The PDF Invoices & Packing Slips Generator for WooCommerce plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-11361 was published Nov 23, 2024

The HIPAA Compliant Forms with Drag’n’Drop HIPAA Form Builder. Sign HIPAA documents plugin for... Moderate Unreviewed

CVE-2024-11332 was published Nov 23, 2024

The AutoListicle: Automatically Update Numbered List Articles plugin for WordPress is vulnerable... Moderate Unreviewed

CVE-2024-11426 was published Nov 23, 2024

The Formidable Forms – Contact Form Plugin, Survey, Quiz, Payment, Calculator Form & Custom Form... Moderate Unreviewed

CVE-2024-11188 was published Nov 23, 2024

The Tribute Testimonials – WordPress Testimonial Grid/Slider plugin for WordPress is vulnerable... Moderate Unreviewed

CVE-2024-10886 was published Nov 23, 2024

The WPDash Notes plugin for WordPress is vulnerable to unauthorized access of data due to a... Moderate Unreviewed

CVE-2024-9223 was published Nov 23, 2024

The Increase Maximum Upload File Size | Increase Execution Time plugin for WordPress is... Moderate Unreviewed

CVE-2024-11265 was published Nov 23, 2024

The Quotes llama plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin... Moderate Unreviewed

CVE-2024-10874 was published Nov 23, 2024

The Payments Plugin and Checkout Plugin for WooCommerce: Stripe, PayPal, Square, Authorize.net... Moderate Unreviewed

CVE-2024-11362 was published Nov 23, 2024

The WP-Orphanage Extended plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... High Unreviewed

CVE-2024-11415 was published Nov 23, 2024

The Easy Liveblogs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2024-11387 was published Nov 23, 2024

The Social Login plugin for WordPress is vulnerable to authentication bypass in all versions up... Critical Unreviewed

CVE-2024-10961 was published Nov 23, 2024

The WP User Manager – User Profile Builder & Membership plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-10216 was published Nov 23, 2024

The Twitter Follow Button plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2024-10116 was published Nov 23, 2024

The WordPress Brute Force Protection – Stop Brute Force Attacks plugin for WordPress is... Moderate Unreviewed

CVE-2024-10869 was published Nov 23, 2024

The Product Table for WooCommerce by CodeAstrology (wooproducttable.com) plugin for WordPress is... Moderate Unreviewed

CVE-2024-10813 was published Nov 23, 2024

The Enter Addons – Ultimate Template Builder for Elementor plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-10868 was published Nov 23, 2024

The WP User Manager – User Profile Builder & Membership plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-10537 was published Nov 23, 2024

An OS Command Injection vulnerability exists within myPRO Manager. A parameter within a command... Critical Unreviewed

CVE-2024-52034 was published Nov 23, 2024

A parameter within a command does not properly validate input within myPRO Manager which could be... Critical Unreviewed

CVE-2024-47407 was published Nov 23, 2024

The web application uses a weak authentication mechanism to verify that a request is coming from... Critical Unreviewed

CVE-2024-45369 was published Nov 23, 2024

The administrative interface listens by default on all interfaces on a TCP port and does not... Critical Unreviewed

CVE-2024-47138 was published Nov 23, 2024

Previous 1 2 … 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

245,374 advisories