Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,746
Erlang
35
GitHub Actions
29
Go
2,319
Maven
5,000+
npm
3,955
NuGet
712
pip
3,736
Pub
12
RubyGems
920
Rust
972
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,530 advisories

Loading
The Calculated Fields Form WordPress plugin before 5.2.62 does not sanitise and escape some of... Low Unreviewed
CVE-2024-13381 was published May 1, 2025
The WP Maps WordPress plugin before 4.7.2 does not sanitise and escape some of its Map settings,... Low Unreviewed
CVE-2025-3502 was published May 1, 2025
The WP Maps WordPress plugin before 4.7.2 does not sanitise and escape some of its Map settings,... Low Unreviewed
CVE-2025-3504 was published May 1, 2025
The Ajax Search Lite WordPress plugin before 4.12.5 does not sanitise and escape some of its... Low Unreviewed
CVE-2024-13585 was published Feb 21, 2025
The Newsletter WordPress plugin before 8.7.1 does not sanitise and escape some of its settings,... Low Unreviewed
CVE-2025-3583 was published May 5, 2025
The Carousel, Slider, Gallery by WP Carousel WordPress plugin before 2.7.4 does not sanitise and... Low Unreviewed
CVE-2024-13314 was published Feb 21, 2025
The Smart Maintenance Mode WordPress plugin before 1.5.2 does not sanitise and escape some of its... Low Unreviewed
CVE-2024-12683 was published Mar 26, 2025
The Favorites WordPress plugin before 2.3.5 does not sanitise and escape some of its settings,... Low Unreviewed
CVE-2025-1452 was published Mar 25, 2025
Dell Storage Center - Dell Storage Manager, version(s) 21.0.20, contain(s) an Improper... Low Unreviewed
CVE-2025-23379 was published May 6, 2025
The Social Share Buttons, Social Sharing Icons, Click to Tweet — Social Media Plugin by Social... Low Unreviewed
CVE-2024-13615 was published Mar 11, 2025
The WordPress Tag, Category, and Taxonomy Manager WordPress plugin before 3.30.0 does not... Low Unreviewed
CVE-2025-0627 was published Apr 28, 2025
The Ultimate Dashboard WordPress plugin before 3.8.6 does not sanitise and escape some of its... Low Unreviewed
CVE-2025-1524 was published Apr 17, 2025
The Ultimate Dashboard WordPress plugin before 3.8.6 does not sanitise and escape some of its... Low Unreviewed
CVE-2025-1525 was published Apr 17, 2025
The WP-Recall WordPress plugin before 16.26.12 does not sanitise and escape some of its settings... Low Unreviewed
CVE-2024-9771 was published Apr 28, 2025
The Calculated Fields Form WordPress plugin before 5.2.62 does not sanitise and escape some of... Low Unreviewed
CVE-2024-12273 was published Apr 29, 2025
The Ultimate Dashboard WordPress plugin before 3.8.6 does not sanitise and escape some of its... Low Unreviewed
CVE-2025-1523 was published Apr 17, 2025
The Icegram Express formerly known as Email Subscribers WordPress plugin before 5.7.52 does not... Low Unreviewed
CVE-2024-11924 was published Apr 17, 2025
Yeswiki Vulnerable to Authenticated Reflected Cross-site Scripting Low
CVE-2025-46350 was published for yeswiki/yeswiki (Composer) Apr 29, 2025
masquerad3r
YesWiki Stored XSS Vulnerability in Comments Low
CVE-2025-46346 was published for yeswiki/yeswiki (Composer) Apr 29, 2025
pizza-power
Drupal Formatter Suite Vulnerable to Cross-Site Scripting (XSS) via Link Element Attributes Low
CVE-2025-31697 was published for drupal/formatter_suite (Composer) Apr 1, 2025
Drupal RapiDoc OAS Field Formatter Cross-Site Scripting (XSS) vulnerability Low
CVE-2025-31696 was published for drupal/rapidoc_elements_field_formatter (Composer) Apr 1, 2025
Drupal Link field display mode formatter Cross-Site Scripting (XSS) vulnerability Low
CVE-2025-31695 was published for drupal/link_field_display_mode_formatter (Composer) Apr 1, 2025
Drupal SpamSpan Cross-Site Scripting (XSS) vulnerability Low
CVE-2025-31687 was published for drupal/spamspan (Composer) Apr 1, 2025
Drupal Core Cross-Site Scripting (XSS) Vulnerability Low
CVE-2025-31675 was published for drupal/core (Composer) Apr 1, 2025
The Simple Banner WordPress plugin before 3.0.4 does not sanitise and escape some of its... Low Unreviewed
CVE-2024-12769 was published Mar 25, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database