GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 25,028
Composer 5,080
Erlang 39
GitHub Actions 38
Go 2,750
Maven 6,169
npm 4,353
NuGet 765
pip 4,114
Pub 12
RubyGems 960
Rust 1,069
Swift 45

Unreviewed advisories

All unreviewed 280,588

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

38,932 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Kingcabs theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-7058 was published Dec 13, 2025

The JetWidgets For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2025-8195 was published Dec 13, 2025

The King Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2025-7960 was published Dec 13, 2025

The MarqueeAddons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2025-8199 was published Dec 13, 2025

ShineLan-X contains a stored cross site scripting (XSS) vulnerability in the local configuration... High Unreviewed

CVE-2025-36748 was published Dec 13, 2025

ShineLan-X contains a stored cross site scripting (XSS) vulnerability in the Plant Name field. A... High Unreviewed

CVE-2025-36750 was published Dec 13, 2025

The YITH WooCommerce Quick View plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2025-8617 was published Dec 13, 2025

The Enter Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin... Moderate Unreviewed

CVE-2025-8687 was published Dec 13, 2025

The Livemesh SiteOrigin Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2025-8780 was published Dec 13, 2025

The All-in-One Addons for Elementor – WidgetKit plugin for WordPress is vulnerable to Stored... Moderate Unreviewed

CVE-2025-8779 was published Dec 13, 2025

The Redux Framework plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-9488 was published Dec 13, 2025

The a3 Lazy Load plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all... Moderate Unreviewed

CVE-2025-9873 was published Dec 13, 2025

The Popup Builder – Create highly converting, mobile friendly marketing popups. plugin for... Moderate Unreviewed

CVE-2025-9856 was published Dec 13, 2025

The Quick Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2025-14378 was published Dec 13, 2025

The Custom Frames plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-13705 was published Dec 13, 2025

The Custom Post Type UI plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2025-14056 was published Dec 13, 2025

The WP to LinkedIn Auto Publish plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed

CVE-2025-12077 was published Dec 13, 2025

The Social Media Auto Publish plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed

CVE-2025-12076 was published Dec 13, 2025

The Header Footer Script Adder – Insert Code in Header, Body & Footer plugin for WordPress is... Moderate Unreviewed

CVE-2025-12109 was published Dec 13, 2025

The HT Slider for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2025-14278 was published Dec 13, 2025

The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2025-11376 was published Dec 13, 2025

The CISA Software Acquisition Guide Supplier Response Web Tool before 2025-12-11 was vulnerable... Moderate Unreviewed

CVE-2025-67634 was published Dec 12, 2025

Vuetify has a Cross-site Scripting (XSS) vulnerability in the VDatePicker component Moderate

CVE-2025-8082 was published for vuetify (npm) Dec 12, 2025

WonderCMS 4.3.2 contains a cross-site scripting vulnerability that allows attackers to inject... High Unreviewed

CVE-2024-58305 was published Dec 12, 2025

A security vulnerability has been detected in Qualitor up to 8.24.73. The impacted element is an... Moderate Unreviewed

CVE-2025-14580 was published Dec 12, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

38,932 advisories