GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,614
Composer 4,224
Erlang 31
GitHub Actions 19
Go 1,990
Maven 5,170
npm 3,706
NuGet 661
pip 3,336
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,385

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

234,385 advisories

Filter by severity

Sort by

Least recently updated

The Mapster WP Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2024-10592 was published Nov 16, 2024

The Login using WordPress Users ( WP as SAML IDP ) plugin for WordPress is vulnerable to time... High Unreviewed

CVE-2024-9887 was published Nov 16, 2024

The 404 Solution plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed

CVE-2024-11094 was published Nov 16, 2024

The Blogger 301 Redirect plugin for WordPress is vulnerable to blind time-based SQL Injection via... High Unreviewed

CVE-2024-10645 was published Nov 16, 2024

The WordPress Video Robot - The Ultimate Video Importer plugin for WordPress is vulnerable to... High Unreviewed

CVE-2024-9192 was published Nov 16, 2024

The 3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin plugin for... High Unreviewed

CVE-2024-9849 was published Nov 16, 2024

The Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX plugin for WordPress is... High Unreviewed

CVE-2024-10728 was published Nov 16, 2024

The BulkPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use... Moderate Unreviewed

CVE-2024-9615 was published Nov 16, 2024

The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized access... Moderate Unreviewed

CVE-2024-10614 was published Nov 16, 2024

The SVG Case Study plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File... Moderate Unreviewed

CVE-2024-9850 was published Nov 16, 2024

The PeproDev WooCommerce Receipt Uploader plugin for WordPress is vulnerable to Reflected Cross... Moderate Unreviewed

CVE-2024-8873 was published Nov 16, 2024

The PDF Generator Addon for Elementor Page Builder plugin for WordPress is vulnerable to Path... High Unreviewed

CVE-2024-9935 was published Nov 16, 2024

The Backup and Staging by WP Time Capsule plugin for WordPress is vulnerable to arbitrary file... Critical Unreviewed

CVE-2024-8856 was published Nov 16, 2024

The Exclusive Divi – Divi Preloader, Modules for Divi & Extra Theme plugin for WordPress is... Moderate Unreviewed

CVE-2024-9386 was published Nov 16, 2024

The The Uix Slideshow plugin for WordPress is vulnerable to arbitrary shortcode execution in all... High Unreviewed

CVE-2024-9839 was published Nov 16, 2024

The Bounce Handler MailPoet 3 plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed

CVE-2024-9938 was published Nov 16, 2024

The ConvertCalculator for WordPress plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2024-10015 was published Nov 16, 2024

The 404 Error Monitor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2024-11118 was published Nov 16, 2024

The PJW Mime Config plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG... Moderate Unreviewed

CVE-2024-10017 was published Nov 16, 2024

The Gallery Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to... Moderate Unreviewed

CVE-2024-10875 was published Nov 16, 2024

The WP Log Viewer plugin for WordPress is vulnerable to unauthorized use of functionality due to... Moderate Unreviewed

CVE-2024-11085 was published Nov 16, 2024

The The Drop Shadow Boxes plugin for WordPress is vulnerable to arbitrary shortcode execution in... Moderate Unreviewed

CVE-2024-10262 was published Nov 16, 2024

The WP Chat App plugin for WordPress is vulnerable to unauthorized plugin installation due to a... Moderate Unreviewed

CVE-2024-10533 was published Nov 16, 2024

The Steel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's btn... Moderate Unreviewed

CVE-2024-10147 was published Nov 16, 2024

The SimpleForm Contact Form Submissions plugin for WordPress is vulnerable to Reflected Cross... Moderate Unreviewed

CVE-2024-10884 was published Nov 16, 2024

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

234,385 advisories