GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,603
Composer 5,006
Erlang 39
GitHub Actions 38
Go 2,636
Maven 6,104
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,787

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

38,274 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Preload Current Images plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2025-12658 was published Nov 11, 2025

The Live Photos on WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2025-12651 was published Nov 11, 2025

The Geopost plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'height'... Moderate Unreviewed

CVE-2025-12754 was published Nov 11, 2025

The Progress Bar Blocks for Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2025-12880 was published Nov 11, 2025

The WP Count Down Timer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2025-12668 was published Nov 11, 2025

The Double the Donation – A workplace giving tool to help your fundraising efforts plugin for... Moderate Unreviewed

CVE-2025-12020 was published Nov 11, 2025

The Fleet Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin... Moderate Unreviewed

CVE-2025-12538 was published Nov 11, 2025

The WP-OAuth plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-12021 was published Nov 11, 2025

The Featured Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image... Moderate Unreviewed

CVE-2025-12019 was published Nov 11, 2025

The My Geo Posts Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-11863 was published Nov 11, 2025

The WP BBCode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ... Moderate Unreviewed

CVE-2025-11873 was published Nov 11, 2025

The Simple Donate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2025-11882 was published Nov 11, 2025

The Precise Columns plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-11869 was published Nov 11, 2025

The Paypal Donation Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2025-11859 was published Nov 11, 2025

The Twitter Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-11860 was published Nov 11, 2025

The WP Bootstrap Tabs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-11822 was published Nov 11, 2025

The Magazine Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-11828 was published Nov 11, 2025

The Include Fussball.de Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2025-11129 was published Nov 11, 2025

The Eventbee Ticketing Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2025-11856 was published Nov 11, 2025

The Woocommerce – Products By Custom Tax plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2025-11821 was published Nov 11, 2025

The Skip to Timestamp plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-11805 was published Nov 11, 2025

The Five9 Live Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2025-11829 was published Nov 11, 2025

Due to a Reflected Cross-Site Scripting (XSS) vulnerability in SAP Business Connector, an... Moderate Unreviewed

CVE-2025-42886 was published Nov 11, 2025

An improper neutralization of input vulnerability was identified in GitHub Enterprise Server that... High Unreviewed

CVE-2025-11892 was published Nov 11, 2025

Cross Site Scripting (XSS) vulnerability stored in SOPlanning v1.53.02, which consist of a stored... Moderate Unreviewed

CVE-2025-41001 was published Nov 10, 2025

Previous 12…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

38,274 advisories