GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,972
Erlang
29
GitHub Actions
16
Go
1,762
Maven
4,983
npm
3,518
NuGet
609
pip
3,094
Pub
10
RubyGems
833
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
100,773 advisories
Filter by severity
The miniOrange's Google Authenticator plugin for WordPress is vulnerable to authorization bypass...
Moderate
Unreviewed
CVE-2022-4943
was published
Oct 20, 2023
The WooCommerce Dynamic Pricing and Discounts plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2021-4353
was published
Oct 20, 2023
The WP Cerber Security plugin for WordPress is vulnerable to stored cross-site scripting via the...
Moderate
Unreviewed
CVE-2022-4712
was published
Oct 20, 2023
Stored XSS Vulnerability in M-Files Classic Web versions before 23.10 and LTS Service Release...
Moderate
Unreviewed
CVE-2023-2325
was published
Oct 20, 2023
The Auto Amazon Links plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate
Unreviewed
CVE-2023-4482
was published
Oct 20, 2023
The BEAR for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and...
Moderate
Unreviewed
CVE-2023-4937
was published
Oct 20, 2023
The WPLegalPages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via ...
Moderate
Unreviewed
CVE-2023-4968
was published
Oct 20, 2023
The Photospace Responsive plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate
Unreviewed
CVE-2023-4271
was published
Oct 20, 2023
The iframe plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `iframe`...
Moderate
Unreviewed
CVE-2023-4919
was published
Oct 20, 2023
The BEAR for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and...
Moderate
Unreviewed
CVE-2023-4942
was published
Oct 20, 2023
The BEAR for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and...
Moderate
Unreviewed
CVE-2023-4940
was published
Oct 20, 2023
The BEAR for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and...
Moderate
Unreviewed
CVE-2023-4935
was published
Oct 20, 2023
The Waiting: One-click countdowns plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2022-4954
was published
Oct 20, 2023
The WooCommerce EAN Payment Gateway plugin for WordPress is vulnerable to unauthorized...
Moderate
Unreviewed
CVE-2023-4947
was published
Oct 20, 2023
The Fancy Product Designer plugin for WordPress is vulnerable to unauthorized access to data and...
Moderate
Unreviewed
CVE-2021-4335
was published
Oct 20, 2023
The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to Directory...
Moderate
Unreviewed
CVE-2023-4274
was published
Oct 20, 2023
The Slimstat Analytics plugin for WordPress is vulnerable to SQL Injection via the plugin's...
Moderate
Unreviewed
CVE-2023-4598
was published
Oct 20, 2023
The BEAR for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1...
Moderate
Unreviewed
CVE-2023-4943
was published
Oct 20, 2023
The QAD Search Server is vulnerable to Stored Cross-Site Scripting (XSS) in versions up to, and...
Moderate
Unreviewed
CVE-2023-45471
was published
Oct 20, 2023
Stored Cross-Site Scripting (XSS) vulnerability in the Company field in the "Request a Quote"...
Moderate
Unreviewed
CVE-2023-45394
was published
Oct 20, 2023
The Theme Switcha plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate
Unreviewed
CVE-2023-5614
was published
Oct 20, 2023
The WhatsApp Share Button plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate
Unreviewed
CVE-2023-5668
was published
Oct 20, 2023
The Super Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate
Unreviewed
CVE-2023-5613
was published
Oct 20, 2023
Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker...
Moderate
Unreviewed
CVE-2023-43344
was published
Oct 20, 2023
The leakage of the client secret in Kaibutsunosato v13.6.1 allows attackers to obtain the channel...
Moderate
Unreviewed
CVE-2023-39731
was published
Oct 20, 2023
ProTip!
Advisories are also available from the
GraphQL API