GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,133
Erlang: 29
GitHub Actions: 19
Go: 1,940
Maven: 5,000+
npm: 3,677
NuGet: 645
pip: 3,295
Pub: 11
RubyGems: 877
Rust: 830
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,951 advisories
The Infinite-Scroll plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
Moderate | Unreviewed | CVE-2024-10040 was published Oct 18, 2024
dingfanzu CMS V1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the addPro...
Moderate | Unreviewed | CVE-2024-48758 was published Oct 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in PINPOINT.WORLD Pinpoint Booking System allows...
Moderate | Unreviewed | CVE-2024-49304 was published Oct 17, 2024
Cross-site request forgery vulnerability in Energy Management Controller with Cloud Services JH...
Moderate | Unreviewed | CVE-2024-23785 was published Oct 17, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Sumit Surai Featured Posts with Multiple...
Moderate | Unreviewed | CVE-2024-48031 was published Oct 17, 2024
Cross-Site Request Forgery (CSRF) vulnerability in A WP Life Contact Form Widget allows Cross...
Moderate | Unreviewed | CVE-2024-48037 was published Oct 17, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Razon Komar Pal Linked Variation for...
Moderate | Unreviewed | CVE-2024-48047 was published Oct 17, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Hans Matzen wp-Monalisa allows Cross Site...
Moderate | Unreviewed | CVE-2024-48038 was published Oct 17, 2024
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is...
Moderate | Unreviewed | CVE-2024-9352 was published Oct 17, 2024
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is...
Moderate | Unreviewed | CVE-2024-9351 was published Oct 17, 2024
Cross-Site Request Forgery (CSRF) vulnerability in The Wikimedia Foundation Mediawiki - Cargo...
Moderate | Unreviewed | CVE-2024-47846 was published Oct 5, 2024
The WP ULike – The Ultimate Engagement Toolkit for Websites plugin for WordPress is vulnerable to...
Moderate | Unreviewed | CVE-2024-9649 was published Oct 16, 2024
IBM Watson Studio Local 1.2.3 is vulnerable to cross-site request forgery which could allow an...
Moderate | Unreviewed | CVE-2024-49340 was published Oct 16, 2024
Phpgurukul User Registration & Login and User Management System 3.2 is vulnerable to Cross Site...
Moderate | Unreviewed | CVE-2024-48278 was published Oct 15, 2024
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions...
Moderate | Unreviewed | CVE-2024-45737 was published Oct 14, 2024
The ImagePress – Image Gallery plugin for WordPress is vulnerable to Cross-Site Request Forgery...
Moderate | Unreviewed | CVE-2024-9778 was published Oct 12, 2024
The Easy PayPal Gift Certificate plugin for WordPress is vulnerable to Cross-Site Request Forgery...
Moderate | Unreviewed | CVE-2024-9592 was published Oct 12, 2024
The Link Library WordPress plugin before 7.2.8 does not have CSRF check when resetting library...
Moderate | Unreviewed | CVE-2021-25092 was published Feb 2, 2022
The Newsletter, SMTP, Email marketing and Subscribe forms by Brevo (formerly Sendinblue) plugin...
Moderate | Unreviewed | CVE-2024-8477 was published Oct 10, 2024
The Splashscreen WordPress plugin through 0.20 does not have CSRF check in place when updating...
Moderate | Unreviewed | CVE-2023-6501 was published Feb 12, 2024
The lasTunes WordPress plugin through 3.6.1 does not have CSRF check in some places, and is...
Moderate | Unreviewed | CVE-2023-6499 was published Feb 12, 2024
The Snapshot Backup WordPress plugin through 2.1.1 does not have CSRF check in some places, and...
Moderate | Unreviewed | CVE-2024-7689 was published Sep 9, 2024
The AZIndex WordPress plugin through 0.8.1 does not have CSRF check in some places, and is...
Moderate | Unreviewed | CVE-2024-7687 was published Sep 9, 2024
The DN Popup WordPress plugin through 1.2.2 does not have CSRF check in place when updating its...
Moderate | Unreviewed | CVE-2024-7690 was published Sep 2, 2024
The adstxt Plugin WordPress plugin through 1.0.0 does not have CSRF check in place when updating...
Moderate | Unreviewed | CVE-2024-7892 was published Sep 25, 2024
ProTip! Advisories are also available from the GraphQL API.