GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+
3,252 advisories
Filter by severity
Cross-Site Request Forgery (CSRF) vulnerability in WPBackItUp Backup and Restore WordPress.This...
Moderate
Unreviewed
CVE-2024-43269
was published
Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in bobbingwide.This issue affects oik: from n/a...
Moderate
Unreviewed
CVE-2024-43356
was published
Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Brevo Newsletter, SMTP, Email marketing and...
Moderate
Unreviewed
CVE-2024-43287
was published
Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Naiche Dark Mode for WP Dashboard.This issue...
Moderate
Unreviewed
CVE-2024-43325
was published
Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Saturday Drive Ninja Forms.This issue affects...
Moderate
Unreviewed
CVE-2024-39628
was published
Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in WebinarPress allows Cross-Site Scripting (XSS)...
Moderate
Unreviewed
CVE-2024-43339
was published
Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Passionate Programmers B.V. WP Data Access...
Moderate
Unreviewed
CVE-2024-43295
was published
Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Softaculous Team SpeedyCache.This issue...
Moderate
Unreviewed
CVE-2024-43299
was published
Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in WP User Manager.This issue affects WP User...
Moderate
Unreviewed
CVE-2024-43336
was published
Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Nasirahmed Advanced Form Integration.This...
Moderate
Unreviewed
CVE-2024-43340
was published
Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Brave Brave Popup Builder.This issue affects...
Moderate
Unreviewed
CVE-2024-43337
was published
Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Checkout Plugins Stripe Payments For...
Moderate
Unreviewed
CVE-2024-43316
was published
Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Analytify.This issue affects Analytify: from n...
Moderate
Unreviewed
CVE-2024-43265
was published
Aug 26, 2024
The Visual Sound plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions...
Moderate
Unreviewed
CVE-2024-8197
was published
Aug 27, 2024
The Reviews Feed – Add Testimonials and Customer Reviews From Google Reviews, Yelp, TripAdvisor,...
Moderate
Unreviewed
CVE-2024-8200
was published
Aug 27, 2024
The Smart Forms WordPress plugin before 2.6.87 does not have authorisation in various AJAX...
Moderate
Unreviewed
CVE-2023-7203
was published
Feb 27, 2024
Cross-site request forgery (CSRF) vulnerability in easy-popup-show all versions allows a remote...
Moderate
Unreviewed
CVE-2024-29009
was published
Mar 25, 2024
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
Moderate
Unreviewed
CVE-2024-28669
was published
Mar 13, 2024
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
Moderate
Unreviewed
CVE-2024-28682
was published
Mar 13, 2024
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
Moderate
Unreviewed
CVE-2024-28677
was published
Mar 13, 2024
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
Moderate
Unreviewed
CVE-2024-28681
was published
Mar 13, 2024
A Cross-Site Request Forgery (CSRF) vulnerability was found in Kashipara Music Management System...
Moderate
Unreviewed
CVE-2024-42793
was published
Aug 28, 2024
Cross Site Request Forgery vulnerability in GNU Savane v.3.12 and before allows a remote attacker...
Moderate
Unreviewed
CVE-2024-27631
was published
Apr 8, 2024
flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
Moderate
Unreviewed
CVE-2024-26445
was published
Feb 22, 2024
The Coru LFMember WordPress plugin through 1.0.2 does not have CSRF check in place when adding a...
Moderate
Unreviewed
CVE-2022-1618
was published
Jan 16, 2024
ProTip!
Advisories are also available from the
GraphQL API