Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,743
Erlang
35
GitHub Actions
29
Go
2,315
Maven
5,000+
npm
3,949
NuGet
711
pip
3,729
Pub
12
RubyGems
920
Rust
965
Swift
38
Unreviewed advisories
All unreviewed
5,000+

30,291 advisories

Loading
The User Submitted Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2023-4308 was published Aug 21, 2023
Cross Site Scripting vulnerability in ZeroWdd studentmanager v.1.0 allows a remote attacker to... Moderate Unreviewed
CVE-2023-39094 was published Aug 21, 2023
The Bit Assist WordPress plugin before 1.1.9 does not sanitise and escape some of its settings,... Moderate Unreviewed
CVE-2023-3667 was published Aug 21, 2023
The Blog2Social WordPress plugin before 7.2.1 does not sanitise and escape a parameter before... Moderate Unreviewed
CVE-2023-3936 was published Aug 21, 2023
The MultiParcels Shipping For WooCommerce WordPress plugin before 1.15.4 does not sanitise and... Moderate Unreviewed
CVE-2023-3954 was published Aug 21, 2023
Cross-site scripting vulnerability in Advanced Custom Fields versions 6.1.0 to 6.1.7 and Advanced... Moderate Unreviewed
CVE-2023-40068 was published Aug 21, 2023
Cross-site scripting vulnerability in LuxCal Web Calendar prior to 5.2.3M (MySQL version) and... Moderate Unreviewed
CVE-2023-39543 was published Aug 21, 2023
Cockpit Cross-site Scripting vulnerability Moderate
CVE-2023-4451 was published for cockpit-hq/cockpit (Composer) Aug 20, 2023
Cockpit Cross-site Scripting vulnerability Moderate
CVE-2023-4422 was published for cockpit-hq/cockpit (Composer) Aug 18, 2023
A Cross-Site Scripting (XSS) vulnerability in CSZ CMS 1.3.0 allows attackers to execute arbitrary... Moderate Unreviewed
CVE-2023-38911 was published Aug 18, 2023
CSZ CMS 1.3.0 is vulnerable to cross-site scripting (XSS), which allows attackers to execute... Moderate Unreviewed
CVE-2023-38910 was published Aug 18, 2023
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Daniel Powney Multi Rating... Moderate Unreviewed
CVE-2023-32130 was published Aug 18, 2023
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Spiffy Plugins Spiffy Calendar... Moderate Unreviewed
CVE-2023-32122 was published Aug 18, 2023
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in CreativeMindsSolutions CM On... Moderate Unreviewed
CVE-2023-31228 was published Aug 18, 2023
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ignazio Scimone Albo Pretorio On... Moderate Unreviewed
CVE-2023-32108 was published Aug 18, 2023
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Theme Palace TP Education... Moderate Unreviewed
CVE-2023-32103 was published Aug 18, 2023
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Lauri Karisola / WP Trio Stock Sync... Moderate Unreviewed
CVE-2023-31094 was published Aug 18, 2023
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Julien Crego Manager for... Moderate Unreviewed
CVE-2023-29387 was published Aug 18, 2023
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ignazio Scimone Albo Pretorio On... Moderate Unreviewed
CVE-2023-32109 was published Aug 18, 2023
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FolioVision FV Flowplayer Video... Moderate Unreviewed
CVE-2023-30499 was published Aug 18, 2023
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Fahad Mahmood WP Docs plugin <= 1.9... Moderate Unreviewed
CVE-2023-32106 was published Aug 18, 2023
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ollybach WPPizza – A Restaurant... Moderate Unreviewed
CVE-2023-32105 was published Aug 18, 2023
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Photo Gallery Team Photo Gallery by... Moderate Unreviewed
CVE-2023-32107 was published Aug 18, 2023
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in David Artiss Plugins List... Moderate Unreviewed
CVE-2023-31232 was published Aug 18, 2023
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in All My Web Needs Logo Scheduler... Moderate Unreviewed
CVE-2023-30875 was published Aug 18, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database