GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,410
Composer 3,972
Erlang 29
GitHub Actions 16
Go 1,762
Maven 4,983
npm 3,518
NuGet 609
pip 3,094
Pub 10
RubyGems 833
Rust 782
Swift 34

Unreviewed advisories

All unreviewed 221,724

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

100,773 advisories

Filter by severity

Sort by

Least recently updated

The miniOrange's Google Authenticator plugin for WordPress is vulnerable to authorization bypass... Moderate Unreviewed

CVE-2022-4943 was published Oct 20, 2023

The WooCommerce Dynamic Pricing and Discounts plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2021-4353 was published Oct 20, 2023

The WP Cerber Security plugin for WordPress is vulnerable to stored cross-site scripting via the... Moderate Unreviewed

CVE-2022-4712 was published Oct 20, 2023

Stored XSS Vulnerability in M-Files Classic Web versions before 23.10 and LTS Service Release... Moderate Unreviewed

CVE-2023-2325 was published Oct 20, 2023

The Auto Amazon Links plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2023-4482 was published Oct 20, 2023

The BEAR for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and... Moderate Unreviewed

CVE-2023-4937 was published Oct 20, 2023

The WPLegalPages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via ... Moderate Unreviewed

CVE-2023-4968 was published Oct 20, 2023

The Photospace Responsive plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2023-4271 was published Oct 20, 2023

The iframe plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `iframe`... Moderate Unreviewed

CVE-2023-4919 was published Oct 20, 2023

The BEAR for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and... Moderate Unreviewed

CVE-2023-4942 was published Oct 20, 2023

The BEAR for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and... Moderate Unreviewed

CVE-2023-4940 was published Oct 20, 2023

The BEAR for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and... Moderate Unreviewed

CVE-2023-4935 was published Oct 20, 2023

The Waiting: One-click countdowns plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2022-4954 was published Oct 20, 2023

The WooCommerce EAN Payment Gateway plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed

CVE-2023-4947 was published Oct 20, 2023

The Fancy Product Designer plugin for WordPress is vulnerable to unauthorized access to data and... Moderate Unreviewed

CVE-2021-4335 was published Oct 20, 2023

The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to Directory... Moderate Unreviewed

CVE-2023-4274 was published Oct 20, 2023

The Slimstat Analytics plugin for WordPress is vulnerable to SQL Injection via the plugin's... Moderate Unreviewed

CVE-2023-4598 was published Oct 20, 2023

The BEAR for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1... Moderate Unreviewed

CVE-2023-4943 was published Oct 20, 2023

The QAD Search Server is vulnerable to Stored Cross-Site Scripting (XSS) in versions up to, and... Moderate Unreviewed

CVE-2023-45471 was published Oct 20, 2023

Stored Cross-Site Scripting (XSS) vulnerability in the Company field in the "Request a Quote"... Moderate Unreviewed

CVE-2023-45394 was published Oct 20, 2023

The Theme Switcha plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2023-5614 was published Oct 20, 2023

The WhatsApp Share Button plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2023-5668 was published Oct 20, 2023

The Super Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2023-5613 was published Oct 20, 2023

Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker... Moderate Unreviewed

CVE-2023-43344 was published Oct 20, 2023

The leakage of the client secret in Kaibutsunosato v13.6.1 allows attackers to obtain the channel... Moderate Unreviewed

CVE-2023-39731 was published Oct 20, 2023

Previous 1 2 … 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

100,773 advisories