GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,750
Maven
5,000+
npm
4,356
NuGet
765
pip
4,120
Pub
12
RubyGems
960
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+
8,333 advisories
Filter by severity
Cross-Site Request Forgery (CSRF) vulnerability in ThimPress WP Hotel Booking wp-hotel-booking...
Moderate
Unreviewed
CVE-2025-63012
was published
Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Michael Revellin-Clerc Media Library...
Moderate
Unreviewed
CVE-2025-62734
was published
Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in ProteusThemes Custom Sidebars by ProteusThemes...
Moderate
Unreviewed
CVE-2025-62733
was published
Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in photoboxone SMTP Mail smtp-mail allows Cross...
Moderate
Unreviewed
CVE-2025-62762
was published
Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Valerio Monti Auto Alt Text auto-alt-text...
Moderate
Unreviewed
CVE-2025-62866
was published
Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Flashyapp WP Flashy Marketing Automation wp...
Moderate
Unreviewed
CVE-2025-62873
was published
Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Alex Prokopenko / JustCoded Just TinyMCE...
Moderate
Unreviewed
CVE-2025-62871
was published
Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in JK Social Photo Fetcher facebook-photo-fetcher...
Moderate
Unreviewed
CVE-2025-62872
was published
Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in SaifuMak Add Custom Codes add-custom-codes...
High
Unreviewed
CVE-2025-62739
was published
Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in wpmediadownload Media Library File Download...
Moderate
Unreviewed
CVE-2025-62103
was published
Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Badi Jones Duplicate Content Cure duplicate...
Moderate
Unreviewed
CVE-2025-59132
was published
Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in apasionados DoFollow Case by Case dofollow...
Moderate
Unreviewed
CVE-2025-62102
was published
Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Jupitercow WP sIFR wp-sifr allows Stored XSS...
High
Unreviewed
CVE-2025-49347
was published
Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Valentin Agachi Create Posts & Terms...
High
Unreviewed
CVE-2025-49351
was published
Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Alex Furr PDF Creator Lite pdf-creator-lite...
High
Unreviewed
CVE-2025-49341
was published
Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Personal Project Panilux allows Cross Site...
Critical
Unreviewed
CVE-2025-11022
was published
Dec 9, 2025
Some endpoints in vulnerability-lookup that modified
application state (e.g. changing database...
High
Unreviewed
CVE-2025-42616
was published
Dec 8, 2025
phpIPAM v1.7.3 contains a Cross-Site Request Forgery (CSRF) vulnerability in the database export...
Low
Unreviewed
CVE-2025-60912
was published
Dec 8, 2025
A vulnerability has been found in fit2cloud Halo 2.21.10. Impacted is an unknown function. The...
Moderate
Unreviewed
CVE-2025-14117
was published
Dec 6, 2025
The WP Landing Page plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
Moderate
Unreviewed
CVE-2025-13629
was published
Dec 6, 2025
The User Generator and Importer plugin for WordPress is vulnerable to Cross-Site Request Forgery...
High
Unreviewed
CVE-2025-12879
was published
Dec 5, 2025
The ARK Related Posts plugin for WordPress is vulnerable to Cross-Site Request Forgery in version...
Moderate
Unreviewed
CVE-2025-13684
was published
Dec 5, 2025
The WC Vendors – WooCommerce Multivendor, WooCommerce Marketplace, Product Vendors plugin for...
Moderate
Unreviewed
CVE-2025-12130
was published
Dec 5, 2025
The Torod – The smart shipping and delivery portal for e-shops and retailers plugin for WordPress...
Moderate
Unreviewed
CVE-2025-12373
was published
Dec 5, 2025
The dream gallery plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
Moderate
Unreviewed
CVE-2025-13621
was published
Dec 5, 2025
ProTip!
Advisories are also available from the
GraphQL API