GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,251
Erlang
31
GitHub Actions
21
Go
2,018
Maven
5,000+
npm
3,725
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
861
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
236,476 advisories
Filter by severity
The Cookielay plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's...
Moderate
Unreviewed
CVE-2024-10320
was published
Dec 6, 2024
The Login With OTP plugin for WordPress is vulnerable to authentication bypass in versions up to,...
High
Unreviewed
CVE-2024-11178
was published
Dec 6, 2024
The Message Filter for Contact Form 7 plugin for WordPress is vulnerable to unauthorized...
Moderate
Unreviewed
CVE-2024-12027
was published
Dec 6, 2024
The Friends plugin for WordPress is vulnerable to unauthorized access due to a missing capability...
Moderate
Unreviewed
CVE-2024-12028
was published
Dec 6, 2024
The Folder Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate
Unreviewed
CVE-2024-11823
was published
Dec 6, 2024
The WP Media Optimizer (.webp) plugin for WordPress is vulnerable to Reflected Cross-Site...
Moderate
Unreviewed
CVE-2024-12060
was published
Dec 6, 2024
The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-9872
was published
Dec 6, 2024
The Event Tickets with Ticket Scanner plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-9866
was published
Dec 6, 2024
The WP System plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up...
Moderate
Unreviewed
CVE-2024-12003
was published
Dec 6, 2024
The Next-Cart Store to WooCommerce Migration plugin for WordPress is vulnerable to Reflected...
Moderate
Unreviewed
CVE-2024-11687
was published
Dec 6, 2024
The CLUEVO LMS, E-Learning Platform plugin for WordPress is vulnerable to Cross-Site Request...
Moderate
Unreviewed
CVE-2024-11444
was published
Dec 6, 2024
The Ultimate Coming Soon & Maintenance plugin for WordPress is vulnerable to unauthorized...
Moderate
Unreviewed
CVE-2024-9705
was published
Dec 6, 2024
The SV100 Companion plugin for WordPress is vulnerable to unauthorized modification of data that...
Critical
Unreviewed
CVE-2024-12155
was published
Dec 6, 2024
The Ultimate Coming Soon & Maintenance plugin for WordPress is vulnerable to unauthorized...
Moderate
Unreviewed
CVE-2024-9706
was published
Dec 6, 2024
The Gold Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification of...
Moderate
Unreviewed
CVE-2024-12110
was published
Dec 6, 2024
The ForumWP – Forum & Discussion Board plugin for WordPress is vulnerable to Reflected Cross-Site...
Moderate
Unreviewed
CVE-2024-10879
was published
Dec 6, 2024
The AI Quiz | Quiz Maker plugin for WordPress is vulnerable to unauthorized modification of data...
High
Unreviewed
CVE-2024-11323
was published
Dec 6, 2024
The Clickbank WordPress Plugin (Storefront) plugin for WordPress is vulnerable to Cross-Site...
Moderate
Unreviewed
CVE-2024-11336
was published
Dec 6, 2024
The Splash Sync plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the...
Moderate
Unreviewed
CVE-2024-11368
was published
Dec 6, 2024
The ONLYOFFICE Docs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate
Unreviewed
CVE-2024-11450
was published
Dec 6, 2024
The WP Private Content Plus plugin for WordPress is vulnerable to Sensitive Information Exposure...
Moderate
Unreviewed
CVE-2024-11292
was published
Dec 6, 2024
The TwentyTwenty plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin...
Moderate
Unreviewed
CVE-2024-11352
was published
Dec 6, 2024
The Smart PopUp Blaster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate
Unreviewed
CVE-2024-11339
was published
Dec 6, 2024
The PDF Builder for WooCommerce. Create invoices,packing slips and more plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-11276
was published
Dec 6, 2024
The NewsMash theme for WordPress is vulnerable to Stored Cross-Site Scripting via a malicious...
Moderate
Unreviewed
CVE-2024-10849
was published
Dec 6, 2024
ProTip!
Advisories are also available from the
GraphQL API