Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,342
Erlang
31
GitHub Actions
22
Go
2,106
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

113,582 advisories

Loading
The Ai Image Alt Text Generator for WP plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed
CVE-2024-12177 was published Jan 30, 2025
The HTML5 chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's... Moderate Unreviewed
CVE-2024-12451 was published Jan 30, 2025
The WP Dispensary plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-12444 was published Jan 30, 2025
The Typer Core plugin for WordPress is vulnerable to Information Exposure in all versions up to,... Moderate Unreviewed
CVE-2024-12102 was published Jan 30, 2025
The W2S – Migrate WooCommerce to Shopify plugin for WordPress is vulnerable to Arbitrary File... Moderate Unreviewed
CVE-2024-12861 was published Jan 30, 2025
The Kona Gallery Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2024-13400 was published Jan 30, 2025
The WE – Testimonial Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2024-13460 was published Jan 30, 2025
The All Bootstrap Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2024-13549 was published Jan 30, 2025
The Stockdio Historical Chart plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed
CVE-2024-13349 was published Jan 30, 2025
The Wonder FontAwesome plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2024-13512 was published Jan 30, 2025
The Storely theme for WordPress is vulnerable to Stored Cross-Site Scripting via a malicious... Moderate Unreviewed
CVE-2024-10847 was published Jan 30, 2025
A vulnerability was found in Cianet ONU GW24AC up to 20250127. It has been declared as... Moderate Unreviewed
CVE-2025-0869 was published Jan 30, 2025
The Alex Reservations: Smart Restaurant Booking plugin for WordPress is vulnerable to Stored... Moderate Unreviewed
CVE-2024-13380 was published Jan 30, 2025
The Automatically Hierarchic Categories in Menu plugin for WordPress is vulnerable to Stored... Moderate Unreviewed
CVE-2024-13466 was published Jan 30, 2025
A vulnerability was found in Axiomatic Bento4 up to 1.6.0-641. It has been rated as critical.... Moderate Unreviewed
CVE-2025-0870 was published Jan 30, 2025
The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for... Moderate Unreviewed
CVE-2024-11583 was published Jan 30, 2025
A Reflected Cross-Site Scripting vulnerability has been found in EmbedAI 2.1 and below. This... Moderate Unreviewed
CVE-2025-0746 was published Jan 30, 2025
IBM App Connect Enterprise Certified Container 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1... Moderate Unreviewed
CVE-2022-43916 was published Jan 30, 2025
An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This... Moderate Unreviewed
CVE-2025-0742 was published Jan 30, 2025
An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This... Moderate Unreviewed
CVE-2025-0741 was published Jan 30, 2025
An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This... Moderate Unreviewed
CVE-2025-0743 was published Jan 30, 2025
The Clinked Client Portal plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed
CVE-2024-12524 was published Jan 30, 2025
The WP Image Uploader plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via... Moderate Unreviewed
CVE-2024-13706 was published Jan 30, 2025
The Simple:Press Forum plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via... Moderate Unreviewed
CVE-2024-12409 was published Jan 30, 2025
The VR-Frases (collect & share quotes) plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed
CVE-2025-0860 was published Jan 30, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database