Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,454
Erlang
33
GitHub Actions
22
Go
2,153
Maven
5,000+
npm
3,818
NuGet
693
pip
3,492
Pub
12
RubyGems
902
Rust
903
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

806 advisories

Loading
The UiPress lite | Effortless custom dashboards, admin themes and pages plugin for WordPress is... High Unreviewed
CVE-2025-1309 was published Mar 7, 2025
The Flex Mag - Responsive WordPress News Theme theme for WordPress is vulnerable to unauthorized... High Unreviewed
CVE-2024-13655 was published Mar 7, 2025
The WordPress Awesome Import & Export Plugin - Import & Export WordPress Data plugin for... High Unreviewed
CVE-2024-13232 was published Mar 5, 2025
The Animation Addons for Elementor Pro plugin for WordPress is vulnerable to unauthorized... High Unreviewed
CVE-2025-1639 was published Mar 4, 2025
Missing Authorization vulnerability in SEO Squirrly SEO Plugin by Squirrly SEO.This issue affects... High Unreviewed
CVE-2025-24654 was published Mar 3, 2025
The WHMPress - WHMCS Client Area plugin for WordPress is vulnerable to unauthorized modification... High Unreviewed
CVE-2024-9195 was published Feb 28, 2025
The Cardealer theme for WordPress is vulnerable to privilege escalation in versions up to, and... High Unreviewed
CVE-2025-1682 was published Feb 28, 2025
Missing Authorization vulnerability in revmakx DefendWP Firewall allows Exploiting Incorrectly... High Unreviewed
CVE-2025-22280 was published Feb 27, 2025
Missing Authorization vulnerability in revenueflex Auto Ad Inserter – Increase Google Adsense and... High Unreviewed
CVE-2025-27296 was published Feb 24, 2025
The Trash Duplicate and 301 Redirect plugin for WordPress is vulnerable to unauthorized loss of... High Unreviewed
CVE-2024-13468 was published Feb 19, 2025
Missing Authorization vulnerability in Vito Peleg Atarim allows Exploiting Incorrectly Configured... High Unreviewed
CVE-2025-22657 was published Feb 18, 2025
The GetBookingsWP – Appointments Booking Calendar Plugin For WordPress plugin for WordPress is... High Unreviewed
CVE-2024-13677 was published Feb 18, 2025
The Affiliate Links: WordPress Plugin for Link Cloaking and Link Management plugin for WordPress... High Unreviewed
CVE-2024-13556 was published Feb 18, 2025
Missing Authorization vulnerability in Michael Revellin-Clerc Bulk Menu Edit allows Exploiting... High Unreviewed
CVE-2025-24692 was published Feb 14, 2025
Missing Authorization vulnerability in monetagwp Monetag Official Plugin allows Exploiting... High Unreviewed
CVE-2024-52500 was published Feb 14, 2025
A CWE-862 "Missing Authorization" in maxprofile/user-groups/routes.lua in Q-Free MaxTime less... High Unreviewed
CVE-2025-26369 was published Feb 12, 2025
A CWE-862 "Missing Authorization" in maxprofile/users/routes.lua in Q-Free MaxTime less than or... High Unreviewed
CVE-2025-26377 was published Feb 12, 2025
A CWE-862 "Missing Authorization" in maxprofile/users/routes.lua in Q-Free MaxTime less than or... High Unreviewed
CVE-2025-26378 was published Feb 12, 2025
A CWE-862 "Missing Authorization" in maxprofile/user-groups/routes.lua in Q-Free MaxTime less... High Unreviewed
CVE-2025-26370 was published Feb 12, 2025
A CWE-862 "Missing Authorization" in maxprofile/user-groups/routes.lua in Q-Free MaxTime less... High Unreviewed
CVE-2025-26368 was published Feb 12, 2025
A CWE-862 "Missing Authorization" in maxprofile/user-groups/routes.lua in Q-Free MaxTime less... High Unreviewed
CVE-2025-26372 was published Feb 12, 2025
A CWE-862 "Missing Authorization" in maxprofile/users/routes.lua in Q-Free MaxTime less than or... High Unreviewed
CVE-2025-26375 was published Feb 12, 2025
A CWE-862 "Missing Authorization" in maxprofile/user-groups/routes.lua in Q-Free MaxTime less... High Unreviewed
CVE-2025-26371 was published Feb 12, 2025
The Apus Framework plugin for WordPress is vulnerable to unauthorized modification of data that... High Unreviewed
CVE-2024-12296 was published Feb 12, 2025
The Click Mag - Viral WordPress News Magazine/Blog Theme theme for WordPress is vulnerable to... High Unreviewed
CVE-2024-13656 was published Feb 12, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database