GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
104,538 advisories
Filter by severity
The Advanced Database Cleaner plugin for WordPress is vulnerable to PHP Object Injection in all...
Moderate
Unreviewed
CVE-2024-0668
was published
Feb 6, 2024
The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce...
Moderate
Unreviewed
CVE-2024-0954
was published
Feb 6, 2024
The Advanced Forms for ACF plugin for WordPress is vulnerable to unauthorized access of data due...
Moderate
Unreviewed
CVE-2024-1121
was published
Feb 6, 2024
The ARMember plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions...
Moderate
Unreviewed
CVE-2024-0969
was published
Feb 6, 2024
The UserPro plugin for WordPress is vulnerable to Security Feature Bypass in all versions up to,...
Moderate
Unreviewed
CVE-2024-0701
was published
Feb 6, 2024
The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate
Unreviewed
CVE-2024-0255
was published
Feb 6, 2024
The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2023-6808
was published
Feb 6, 2024
The Advanced Custom Fields (ACF) plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2023-6701
was published
Feb 6, 2024
This plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode...
Moderate
Unreviewed
CVE-2023-6884
was published
Feb 6, 2024
The GeneratePress Premium plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate
Unreviewed
CVE-2023-6807
was published
Feb 6, 2024
The Author Box, Guest Author and Co-Authors for Your Posts – Molongui plugin for WordPress is...
Moderate
Unreviewed
CVE-2023-7014
was published
Feb 6, 2024
The Display custom fields in the frontend – Post and User Profile Fields plugin for WordPress is...
Moderate
Unreviewed
CVE-2023-6983
was published
Feb 6, 2024
The Display custom fields in the frontend – Post and User Profile Fields plugin for WordPress is...
Moderate
Unreviewed
CVE-2023-6982
was published
Feb 6, 2024
The (Simply) Guest Author Name plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate
Unreviewed
CVE-2024-0254
was published
Feb 6, 2024
The WordPress Button Plugin MaxButtons plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2023-7029
was published
Feb 6, 2024
The 10Web AI Assistant – AI content writing assistant plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2023-6985
was published
Feb 6, 2024
The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of...
Moderate
Unreviewed
CVE-2023-6959
was published
Feb 6, 2024
The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to CAPTCHA Bypass in versions up...
Moderate
Unreviewed
CVE-2023-6963
was published
Feb 6, 2024
The PDF Generator For Fluent Forms – The Contact Form Plugin plugin for WordPress is vulnerable...
Moderate
Unreviewed
CVE-2023-6953
was published
Feb 6, 2024
An uncontrolled resource consumption vulnerability issue that could arise by sending crafted...
Moderate
Unreviewed
CVE-2023-22819
was published
Feb 6, 2024
The WPvivid plugin for WordPress is vulnerable to unauthorized access of data due to a missing...
Moderate
Unreviewed
CVE-2023-4637
was published
Feb 6, 2024
The Meta Box – WordPress Custom Fields Framework plugin for WordPress is vulnerable to Stored...
Moderate
Unreviewed
CVE-2023-6526
was published
Feb 6, 2024
Server-side request forgery (SSRF) vulnerability that could allow a rogue server on the local...
Moderate
Unreviewed
CVE-2023-22817
was published
Feb 6, 2024
The The Events Calendar plugin for WordPress is vulnerable to Sensitive Information Exposure in...
Moderate
Unreviewed
CVE-2023-6557
was published
Feb 6, 2024
StorageGRID (formerly StorageGRID Webscale) versions 11.6.0 through
11.6.0.13 are susceptible to...
Moderate
Unreviewed
CVE-2023-27318
was published
Feb 5, 2024
ProTip!
Advisories are also available from the
GraphQL API