GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,099
Composer 4,077
Erlang 29
GitHub Actions 19
Go 1,903
Maven 5,100
npm 3,632
NuGet 638
pip 3,249
Pub 10
RubyGems 864
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,473

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

24,608 advisories

Filter by severity

Sort by

Least recently updated

The Roles & Capabilities plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due... Moderate Unreviewed

CVE-2024-8732 was published Sep 13, 2024

The Email Obfuscate Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2024-8747 was published Sep 13, 2024

The Exit Notifier plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the... Moderate Unreviewed

CVE-2024-8730 was published Sep 13, 2024

The Cron Jobs plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use... Moderate Unreviewed

CVE-2024-8731 was published Sep 13, 2024

The Lucas String Replace plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due... Moderate Unreviewed

CVE-2024-8734 was published Sep 13, 2024

The PDF Thumbnail Generator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting... Moderate Unreviewed

CVE-2024-8737 was published Sep 13, 2024

The Tweaker5 theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’... Moderate Unreviewed

CVE-2024-5870 was published Sep 13, 2024

The Triton Lite theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'url'... Moderate Unreviewed

CVE-2024-5789 was published Sep 13, 2024

The Beauty theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2024-5884 was published Sep 13, 2024

The Neighborly theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’... Moderate Unreviewed

CVE-2024-5869 was published Sep 13, 2024

The Delicate theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'link'... Moderate Unreviewed

CVE-2024-5867 was published Sep 13, 2024

The WP Test Email plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the... Moderate Unreviewed

CVE-2024-8664 was published Sep 13, 2024

The YITH Custom Login plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to... Moderate Unreviewed

CVE-2024-8665 was published Sep 13, 2024

The Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce... Moderate Unreviewed

CVE-2024-8742 was published Sep 13, 2024

The Betheme theme for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads... Moderate Unreviewed

CVE-2024-5567 was published Sep 13, 2024

The WP Simple Booking Calendar plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed

CVE-2024-8663 was published Sep 13, 2024

The Avada | Website Builder For WordPress & eCommerce plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-5628 was published Sep 13, 2024

The WPFactory Helper plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to... Moderate Unreviewed

CVE-2024-8656 was published Sep 13, 2024

ORDAT FOSS-Online before version 2.24.01 was discovered to contain a reflected cross-site... Moderate Unreviewed

CVE-2024-34335 was published Sep 12, 2024

A remote code execution (RCE) vulnerability via crafted extension description/changelog could be... Critical Unreviewed

CVE-2024-8695 was published Sep 12, 2024

Cross Site Scripting (XSS) Vulnerability in Firewall menu in Control Panel in KASDA KW5515... Moderate Unreviewed

CVE-2020-24061 was published Sep 12, 2024

A remote code execution (RCE) vulnerability via crafted extension publisher-url/additional-urls... High Unreviewed

CVE-2024-8696 was published Sep 12, 2024

Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an XSS issue with App name. Moderate Unreviewed

CVE-2024-6700 was published Sep 12, 2024

Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an HTML Injection issue with Stage. Moderate Unreviewed

CVE-2024-6702 was published Sep 12, 2024

Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an XSS issue with case type. Moderate Unreviewed

CVE-2024-6701 was published Sep 12, 2024

Previous 1 2 3 4 5 6 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

24,608 advisories