GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
104,538 advisories
Filter by severity
The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate
Unreviewed
CVE-2024-0961
was published
Feb 6, 2024
The Royal Elementor Kit theme for WordPress is vulnerable to unauthorized arbitrary transient...
Moderate
Unreviewed
CVE-2024-0835
was published
Feb 6, 2024
The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate
Unreviewed
CVE-2024-0834
was published
Feb 6, 2024
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile &...
Moderate
Unreviewed
CVE-2024-1046
was published
Feb 6, 2024
The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all...
Moderate
Unreviewed
CVE-2024-1208
was published
Feb 6, 2024
The WP Club Manager – WordPress Sports Club Plugin plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-1177
was published
Feb 6, 2024
The Easy Digital Downloads – Sell Digital Files (eCommerce Store & Payments Made Easy) plugin for...
Moderate
Unreviewed
CVE-2024-0659
was published
Feb 6, 2024
The Starbox – the Author Box for Humans plugin for WordPress is vulnerable to Insecure Direct...
Moderate
Unreviewed
CVE-2024-0366
was published
Feb 6, 2024
The Advanced Database Cleaner plugin for WordPress is vulnerable to PHP Object Injection in all...
Moderate
Unreviewed
CVE-2024-0668
was published
Feb 6, 2024
The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce...
Moderate
Unreviewed
CVE-2024-0954
was published
Feb 6, 2024
The Advanced Forms for ACF plugin for WordPress is vulnerable to unauthorized access of data due...
Moderate
Unreviewed
CVE-2024-1121
was published
Feb 6, 2024
The Formidable Forms – Contact Form, Survey, Quiz, Payment, Calculator Form & Custom Form Builder...
Moderate
Unreviewed
CVE-2024-0660
was published
Feb 6, 2024
The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate
Unreviewed
CVE-2024-0597
was published
Feb 6, 2024
The WOLF – WordPress Posts Bulk Editor and Manager Professional plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-0790
was published
Feb 6, 2024
The Active Products Tables for WooCommerce. Professional products tables for WooCommerce store...
Moderate
Unreviewed
CVE-2024-0797
was published
Feb 6, 2024
The Active Products Tables for WooCommerce. Professional products tables for WooCommerce store...
Moderate
Unreviewed
CVE-2024-0796
was published
Feb 6, 2024
The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator...
Moderate
Unreviewed
CVE-2024-1092
was published
Feb 6, 2024
The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-0823
was published
Feb 6, 2024
The Affiliates Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
Moderate
Unreviewed
CVE-2024-0859
was published
Feb 6, 2024
The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-0448
was published
Feb 6, 2024
The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce...
Moderate
Unreviewed
CVE-2024-0586
was published
Feb 6, 2024
The Content Views – Post Grid, Slider, Accordion (Gutenberg Blocks and Shortcode) plugin for...
Moderate
Unreviewed
CVE-2024-0612
was published
Feb 6, 2024
The FileBird plugin for WordPress is vulnerable to Stored Cross-Site Scripting via imported...
Moderate
Unreviewed
CVE-2024-0691
was published
Feb 6, 2024
The Order Delivery Date for WP e-Commerce plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-0678
was published
Feb 6, 2024
The WP RSS Aggregator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate
Unreviewed
CVE-2024-0630
was published
Feb 6, 2024
ProTip!
Advisories are also available from the
GraphQL API