Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,466
Erlang
33
GitHub Actions
23
Go
2,166
Maven
5,000+
npm
3,829
NuGet
696
pip
3,507
Pub
12
RubyGems
909
Rust
904
Swift
38
Unreviewed advisories
All unreviewed
5,000+

32,694 advisories

Loading
The SlingBlocks – Gutenberg Blocks by FunnelKit (Formerly WooFunnels) plugin for WordPress is... Moderate Unreviewed
CVE-2024-13675 was published Mar 8, 2025
The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress... Moderate Unreviewed
CVE-2025-1664 was published Mar 8, 2025
The 140+ Widgets | Xpro Addons For Elementor – FREE plugin for WordPress is vulnerable to Stored... Moderate Unreviewed
CVE-2024-13649 was published Mar 8, 2025
The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu,... Moderate Unreviewed
CVE-2025-1287 was published Mar 8, 2025
The FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel plugin for... Moderate Unreviewed
CVE-2024-12119 was published Mar 8, 2025
The Years Since – Timeless Texts plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2024-12460 was published Mar 8, 2025
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to DOM-Based... Moderate Unreviewed
CVE-2025-1261 was published Mar 8, 2025
An XSS issue was discovered in the Bootstrap Lite theme before 1.x-1.4.5 for Backdrop CMS. It... Moderate Unreviewed
CVE-2025-27826 was published Mar 8, 2025
An issue was discovered in the Mail Disguise module before 1.x-1.0.5 for Backdrop CMS. It enables... Moderate Unreviewed
CVE-2025-27823 was published Mar 8, 2025
An XSS issue was discovered in the Link iframe formatter module before 1.x-1.1.1 for Backdrop CMS... Moderate Unreviewed
CVE-2025-27824 was published Mar 8, 2025
An XSS issue was discovered in the Bootstrap 5 Lite theme before 1.x-1.0.3 for Backdrop CMS. It... Moderate Unreviewed
CVE-2025-27825 was published Mar 8, 2025
A vulnerability classified as problematic was found in StarSea99 starsea-mall 1.0. This... Moderate Unreviewed
CVE-2025-2086 was published Mar 7, 2025
A vulnerability, which was classified as problematic, has been found in StarSea99 starsea-mall 1... Moderate Unreviewed
CVE-2025-2087 was published Mar 7, 2025
A vulnerability was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. It... Moderate Unreviewed
CVE-2025-2084 was published Mar 7, 2025
The Advanced File Manager — Ultimate WordPress File Manager and Document Library Plugin plugin... Moderate Unreviewed
CVE-2024-13805 was published Mar 7, 2025
A vulnerability classified as problematic has been found in StarSea99 starsea-mall 1.0. This... Moderate Unreviewed
CVE-2025-2085 was published Mar 7, 2025
The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for... Moderate Unreviewed
CVE-2024-13431 was published Mar 7, 2025
The Flexmls® IDX Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2025-0863 was published Mar 7, 2025
The Wishlist plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ... Moderate Unreviewed
CVE-2024-12809 was published Mar 7, 2025
A vulnerability was found in code-projects Online Ticket Reservation System 1.0. It has been... Moderate Unreviewed
CVE-2025-2061 was published Mar 7, 2025
A vulnerability classified as problematic has been found in code-projects Blood Bank System 1.0.... Moderate Unreviewed
CVE-2025-2049 was published Mar 7, 2025
A vulnerability was found in PHPGurukul Art Gallery Management System 1.0. It has been classified... Moderate Unreviewed
CVE-2025-2047 was published Mar 7, 2025
A cross-site scripting (XSS) vulnerability in Emlog Pro v2.5.4 allows attackers to execute... High Unreviewed
CVE-2025-25823 was published Mar 6, 2025
A cross-site scripting (XSS) vulnerability in Emlog Pro v2.5.4 allows attackers to execute... High Unreviewed
CVE-2025-25825 was published Mar 6, 2025
NocoDB Vulnerable to Reflected Cross-Site Scripting on Reset Password Page Moderate
CVE-2025-27506 was published for nocodb (npm) Mar 6, 2025
xL34K3D gabrielott
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database