GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,599
Composer 4,464
Erlang 33
GitHub Actions 22
Go 2,163
Maven 5,348
npm 3,821
NuGet 696
pip 3,502
Pub 12
RubyGems 909
Rust 904
Swift 38

Unreviewed advisories

All unreviewed 247,599

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

4,001 advisories

Filter by severity

Sort by

Least recently updated

The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2025-2104 was published Mar 13, 2025

The CRM and Lead Management by vcita plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed

CVE-2024-13703 was published Mar 13, 2025

The WP Crowdfunding plugin for WordPress is vulnerable to unauthorized access of data due to a... Moderate Unreviewed

CVE-2025-1508 was published Mar 12, 2025

Missing Authorization vulnerability in Bjoern WP Performance Pack allows Exploiting Incorrectly... Moderate Unreviewed

CVE-2025-28938 was published Mar 11, 2025

Missing Authorization vulnerability in Jogesh Responsive Google Map allows Exploiting Incorrectly... Moderate Unreviewed

CVE-2025-28920 was published Mar 11, 2025

Missing Authorization vulnerability in jwpegram Block Spam By Math Reloaded allows Accessing... Moderate Unreviewed

CVE-2025-28872 was published Mar 11, 2025

SAP Just In Time(JIT) does not perform necessary authorization checks for an authenticated user,... Low Unreviewed

CVE-2025-26655 was published Mar 11, 2025

OData Service in Manage Purchasing Info Records does not perform necessary authorization checks... Moderate Unreviewed

CVE-2025-26656 was published Mar 11, 2025

Due to missing authorization check, SAP NetWeaver (ABAP Class Builder) allows an attacker to gain... High Unreviewed

CVE-2025-26661 was published Mar 11, 2025

The eDocument Cockpit (Inbound NF-e) in SAP Electronic Invoicing for Brazil allows an... Low Unreviewed

CVE-2025-27432 was published Mar 11, 2025

An authenticated user with low privileges can exploit a missing authorization check in an IBS... Moderate Unreviewed

CVE-2025-23188 was published Mar 11, 2025

SAP Business Warehouse (Process Chains) allows an attacker to manipulate the process execution... Moderate Unreviewed

CVE-2025-25244 was published Mar 11, 2025

The RomethemeKit For Elementor plugin for WordPress is vulnerable to unauthorized modification of... Moderate Unreviewed

CVE-2024-10326 was published Mar 8, 2025

The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2025-1325 was published Mar 8, 2025

The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit... Moderate Unreviewed

CVE-2024-13816 was published Mar 8, 2025

The Post Lockdown plugin for WordPress is vulnerable to Information Exposure in all versions up... Moderate Unreviewed

CVE-2025-1504 was published Mar 8, 2025

The Shortcode Cleaner Lite plugin for WordPress is vulnerable to unauthorized access of data due... Moderate Unreviewed

CVE-2025-1481 was published Mar 8, 2025

The School Management System for Wordpress plugin for WordPress is vulnerable to unauthorized... Moderate Unreviewed

CVE-2024-12610 was published Mar 7, 2025

The School Management System for Wordpress plugin for WordPress is vulnerable to Reflected Cross... Moderate Unreviewed

CVE-2024-12611 was published Mar 7, 2025

The Golo - City Travel Guide WordPress Theme theme for WordPress is vulnerable to privilege... Critical Unreviewed

CVE-2024-12876 was published Mar 7, 2025

The UiPress lite | Effortless custom dashboards, admin themes and pages plugin for WordPress is... High Unreviewed

CVE-2025-1309 was published Mar 7, 2025

The Flex Mag - Responsive WordPress News Theme theme for WordPress is vulnerable to unauthorized... High Unreviewed

CVE-2024-13655 was published Mar 7, 2025

The EventPrime – Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-13526 was published Mar 7, 2025

The Cookie banner plugin for WordPress – Cookiebot CMP by Usercentrics plugin for WordPress is... Moderate Unreviewed

CVE-2025-1666 was published Mar 6, 2025

The Sparkling theme for WordPress is vulnerable to unauthorized plugin activation/deactivation... Moderate Unreviewed

CVE-2024-13423 was published Mar 5, 2025

Previous 1 2 3 4 5 … 160 161 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

4,001 advisories