Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,780
Erlang
36
GitHub Actions
29
Go
2,338
Maven
5,000+
npm
3,973
NuGet
715
pip
3,769
Pub
12
RubyGems
923
Rust
976
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

259,905 advisories

Loading
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Galaxy Weblinks WP Clone any... Moderate Unreviewed
CVE-2025-31871 was published Apr 1, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-31883 was published Apr 1, 2025
Missing Authorization vulnerability in Galaxy Weblinks WP Clone any post type allows Exploiting... Moderate Unreviewed
CVE-2025-31872 was published Apr 1, 2025
Missing Authorization vulnerability in Magnigenie RestroPress allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2025-31877 was published Apr 1, 2025
Missing Authorization vulnerability in Dmitry V. (CEO of "UKR Solution") Barcode Generator for... Moderate Unreviewed
CVE-2025-31879 was published Apr 1, 2025
Missing Authorization vulnerability in WPWebinarSystem WebinarPress allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2025-31882 was published Apr 1, 2025
Missing Authorization vulnerability in Stylemix Pearl allows Exploiting Incorrectly Configured... Moderate Unreviewed
CVE-2025-31881 was published Apr 1, 2025
Missing Authorization vulnerability in Dmitry V. (CEO of "UKR Solution") UPC/EAN/GTIN Code... Moderate Unreviewed
CVE-2025-31878 was published Apr 1, 2025
Missing Authorization vulnerability in zookatron MyBookProgress by Stormhill Media allows... Moderate Unreviewed
CVE-2025-31887 was published Apr 1, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-31874 was published Apr 1, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-31873 was published Apr 1, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-31875 was published Apr 1, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-31884 was published Apr 1, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Stylemix Pearl allows Cross Site Request... Moderate Unreviewed
CVE-2025-31880 was published Apr 1, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-31885 was published Apr 1, 2025
Cross-Site Request Forgery (CSRF) vulnerability in WPExperts.io WP Multistore Locator allows... Moderate Unreviewed
CVE-2025-31888 was published Apr 1, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-31891 was published Apr 1, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-31890 was published Apr 1, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-31892 was published Apr 1, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-31895 was published Apr 1, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-31894 was published Apr 1, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-31897 was published Apr 1, 2025
Missing Authorization vulnerability in CartBoss SMS Abandoned Cart Recovery ✦ CartBoss allows... Moderate Unreviewed
CVE-2025-31865 was published Apr 1, 2025
Missing Authorization vulnerability in inspry Agency Toolkit allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2025-31863 was published Apr 1, 2025
Missing Authorization vulnerability in PickPlugins Job Board Manager allows Exploiting... Moderate Unreviewed
CVE-2025-31862 was published Apr 1, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database