GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,360
Erlang: 33
GitHub Actions: 22
Go: 2,127
Maven: 5,000+
npm: 3,793
NuGet: 683
pip: 3,471
Pub: 12
RubyGems: 894
Rust: 894
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
244,959 advisories
An authenticated user in the "bestinformed Web" application can execute commands on the...
High, Unreviewed. CVE-2025-0422 was published Feb 18, 2025
The Super Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ...
High, Unreviewed. CVE-2024-13704 was published Feb 18, 2025
The Web Stories Enhancer – Level Up Your Web Stories plugin for WordPress is vulnerable to Stored...
Moderate, Unreviewed. CVE-2024-13575 was published Feb 18, 2025
Via the GUI of the "bestinformed Infoclient", a low-privileged user is by default able to change...
High, Unreviewed. CVE-2025-0425 was published Feb 18, 2025
In the "bestinformed Web" application, some user input was not properly sanitized. This leads to...
Moderate, Unreviewed. CVE-2025-0424 was published Feb 18, 2025
The CarSpot – Dealership Wordpress Classified Theme theme for WordPress is vulnerable to...
Critical, Unreviewed. CVE-2024-12860 was published Feb 18, 2025
The Ecwid by Lightspeed Ecommerce Shopping Cart plugin for WordPress is vulnerable to Cross-Site...
Moderate, Unreviewed. CVE-2024-13795 was published Feb 18, 2025
The Online Payments – Get Paid with PayPal, Square & Stripe plugin for WordPress is vulnerable to...
Moderate, Unreviewed. CVE-2024-11895 was published Feb 18, 2025
The Flexible Wishlist for WooCommerce – Ecommerce Wishlist & Save for later plugin for WordPress...
Moderate, Unreviewed. CVE-2024-13718 was published Feb 18, 2025
The Threepress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's...
Moderate, Unreviewed. CVE-2024-13395 was published Feb 18, 2025
The Active Products Tables for WooCommerce. Use constructor to create tables plugin for WordPress...
Moderate, Unreviewed. CVE-2025-0864 was published Feb 18, 2025
In the "bestinformed Web" application, some user input was not properly sanitized. This leads to...
Moderate, Unreviewed. CVE-2025-0423 was published Feb 18, 2025
The Scratch & Win – Giveaways and Contests. Boost subscribers, traffic, repeat visits, referrals...
Moderate, Unreviewed. CVE-2024-13316 was published Feb 18, 2025
Insecure Loading of Dynamic Link Libraries have been discovered in USB-CONVERTERCABLE DRIVER,...
High, Unreviewed. CVE-2024-57963 was published Feb 18, 2025
Insecure Loading of Dynamic Link Libraries have been discovered in HVAC Energy Saving Program,...
High, Unreviewed. CVE-2024-57964 was published Feb 18, 2025
The s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member...
Moderate, Unreviewed. CVE-2024-11376 was published Feb 18, 2025
The MemorialDay plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions...
Moderate, Unreviewed. CVE-2024-13523 was published Feb 18, 2025
The aBlocks – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate, Unreviewed. CVE-2024-13465 was published Feb 18, 2025
The BigBuy Dropshipping Connector for WooCommerce plugin for WordPress is vulnerable to Full Path...
Moderate, Unreviewed. CVE-2024-13538 was published Feb 18, 2025
The Library Bookshelves plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate, Unreviewed. CVE-2024-13464 was published Feb 18, 2025
The WP-FormAssembly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate, Unreviewed. CVE-2024-13501 was published Feb 18, 2025
The Zigaform – Form Builder Lite plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate, Unreviewed. CVE-2024-13573 was published Feb 18, 2025
The Actionwear products sync plugin for WordPress is vulnerable to Full Path Disclosure in all...
Moderate, Unreviewed. CVE-2024-13535 was published Feb 18, 2025
The magayo Lottery Results plugin for WordPress is vulnerable to Cross-Site Request Forgery in...
Moderate, Unreviewed. CVE-2024-13522 was published Feb 18, 2025
The Open Hours – Easy Opening Hours plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate, Unreviewed. CVE-2024-12813 was published Feb 18, 2025
ProTip! Advisories are also available from the GraphQL API.