Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,049
Erlang
29
GitHub Actions
18
Go
1,871
Maven
5,000+
npm
3,597
NuGet
638
pip
3,198
Pub
10
RubyGems
852
Rust
809
Swift
35
Unreviewed advisories
All unreviewed
5,000+

3,234 advisories

The Logo Showcase with Slick Slider WordPress plugin before 1.2.5 does not have CSRF and... Moderate Unreviewed
CVE-2021-24730 was published Mar 1, 2022
The Logo Showcase with Slick Slider WordPress plugin before 2.0.1 does not have CSRF check in the... Moderate Unreviewed
CVE-2021-24913 was published Mar 1, 2022
The Maps Plugin using Google Maps for WordPress plugin before 1.8.4 does not have CSRF checks in... Moderate Unreviewed
CVE-2021-25081 was published Mar 1, 2022
The Maps Plugin using Google Maps for WordPress plugin before 1.8.1 does not have proper... Moderate Unreviewed
CVE-2021-25011 was published Mar 1, 2022
The Simple Membership WordPress plugin before 4.0.9 does not have CSRF check when deleting... Moderate Unreviewed
CVE-2022-0328 was published Mar 1, 2022
The Customize WordPress Emails and Alerts WordPress plugin before 1.8.7 does not have... Moderate Unreviewed
CVE-2022-0345 was published Mar 1, 2022
Cross-site request forgery (CSRF) vulnerability in EC-CUBE plugin 'Mail Magazine Management... Moderate Unreviewed
CVE-2022-21179 was published Feb 25, 2022
The Coming soon and Maintenance mode WordPress plugin before 3.6.8 does not have CSRF check in... Moderate Unreviewed
CVE-2022-0199 was published Feb 22, 2022
The Coming soon and Maintenance mode WordPress plugin before 3.6.8 does not have authorisation... Moderate Unreviewed
CVE-2022-0164 was published Feb 22, 2022
The Float menu WordPress plugin before 4.3.1 does not have CSRF check in place when deleting menu... Moderate Unreviewed
CVE-2022-0313 was published Feb 22, 2022
Cross-Site Request Forgery (CSRF) vulnerability leading to event deletion was discovered in... Moderate Unreviewed
CVE-2022-25599 was published Feb 22, 2022
Plesk 18.0.37 is affected by a Cross Site Request Forgery (CSRF) vulnerability that allows an... Moderate Unreviewed
CVE-2021-45007 was published Feb 21, 2022
Cross-Site Request Forgery microweber Moderate
CVE-2022-0638 was published for microweber/microweber (Composer) Feb 18, 2022
A Cross-Site Request Forgery (CSRF) in RequirementsBypassPage.php of Scratch Wiki scratch... Moderate Unreviewed
CVE-2021-46252 was published Feb 17, 2022
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers... Moderate Unreviewed
CVE-2021-43952 was published Feb 16, 2022
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers... Moderate Unreviewed
CVE-2021-43953 was published Feb 16, 2022
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to modify... Moderate Unreviewed
CVE-2021-43941 was published Feb 16, 2022
Jenkins Snow Commander Plugin 2.0 vulnerable to Cross-Site Request Forgery Moderate
CVE-2022-25192 was published for io.jenkins.plugins:embotics-vcommander (Maven) Feb 16, 2022
NotMyFault
CSRF vulnerability in Jenkins Checkmarx Plugin allow capturing credentials Moderate
CVE-2022-25200 was published for com.checkmarx.jenkins:checkmarx (Maven) Feb 16, 2022
NotMyFault
CSRF vulnerability in Jenkins SWAMP Plugin allows capturing credentials Moderate
CVE-2022-25212 was published for org.continuousassurance.swamp.jenkins:swamp (Maven) Feb 16, 2022
NotMyFault
Cross-Site Request Forgery in mm_forum Moderate Unreviewed
CVE-2020-15516 was published Feb 15, 2022
The Remove Footer Credit WordPress plugin before 1.0.6 does not have CSRF check in place when... Moderate Unreviewed
CVE-2021-24446 was published Feb 15, 2022
The Entity Embed module provides a filter to allow embedding entities in content fields. In... Moderate Unreviewed
CVE-2020-13673 was published Feb 12, 2022
Cross-Site Request Forgery in Drupal core Moderate
CVE-2020-13674 was published for drupal/core (Composer) Feb 12, 2022
tdunlap607
phoronix-test-suite is vulnerable to Cross-Site Request Forgery (CSRF) Moderate Unreviewed
CVE-2022-0238 was published Feb 11, 2022
ProTip! Advisories are also available from the GraphQL API