GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
30,233 advisories
Filter by severity
The Tracking Code Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate
Unreviewed
CVE-2024-8721
was published
Dec 24, 2024
The Responsive Blocks – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Stored...
Moderate
Unreviewed
CVE-2024-12268
was published
Dec 24, 2024
The WP Datepicker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ...
Moderate
Unreviewed
CVE-2024-12468
was published
Dec 24, 2024
The Loan Comparison plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate
Unreviewed
CVE-2024-12814
was published
Dec 24, 2024
The Text Prompter – Unlimited chatgpt text prompts for openai tasks plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-11896
was published
Dec 24, 2024
The ShMapper by Teplitsa plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate
Unreviewed
CVE-2024-12518
was published
Dec 24, 2024
The WP-Appbox plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page'...
Moderate
Unreviewed
CVE-2024-12710
was published
Dec 24, 2024
The Bitcoin Lightning Publisher for WordPress plugin for WordPress is vulnerable to Reflected...
Moderate
Unreviewed
CVE-2024-12100
was published
Dec 24, 2024
The NinjaTeam Chat for Telegram plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate
Unreviewed
CVE-2024-11885
was published
Dec 24, 2024
The Export Customers Data plugin for WordPress is vulnerable to Reflected Cross-Site Scripting...
Moderate
Unreviewed
CVE-2024-12405
was published
Dec 24, 2024
The Optio Dentistry plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate
Unreviewed
CVE-2024-12507
was published
Dec 24, 2024
The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-12622
was published
Dec 24, 2024
A stored cross-site scripting (XSS) vulnerability in the Project name of REDCap through 15.0.0...
Moderate
Unreviewed
CVE-2024-56314
was published
Dec 23, 2024
A stored cross-site scripting (XSS) vulnerability in the Calendar feature of REDCap through 15.0...
Moderate
Unreviewed
CVE-2024-56313
was published
Dec 23, 2024
A stored cross-site scripting (XSS) vulnerability in the Project Dashboard name of REDCap through...
Moderate
Unreviewed
CVE-2024-56312
was published
Dec 23, 2024
Cross-site Scripting vulnerability in SimpleXLSXEx::readThemeColors, SimpleXLSXEx::getColorValue and SimpleXLSX::toHTMLEx
Moderate
CVE-2024-56364
was published
for
shuchkin/simplexlsx
(Composer)
Dec 23, 2024
Cross Site Scripting (XSS) vulnerability while uploading content to a new deployment
Moderate
GHSA-64gp-r758-8pfm
was published
for
org.jboss.hal:hal-console
(Maven)
Dec 23, 2024
The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-11230
was published
Dec 23, 2024
A vulnerability classified as problematic was found in code-projects Online Exam Mastering System...
Moderate
Unreviewed
CVE-2024-12892
was published
Dec 22, 2024
A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar up to...
Moderate
Unreviewed
CVE-2024-12893
was published
Dec 22, 2024
A vulnerability was found in code-projects Job Recruitment 1.0. It has been declared as...
Moderate
Unreviewed
CVE-2024-12883
was published
Dec 21, 2024
The Elementor Website Builder – More than Just a Page Builder plugin for WordPress is vulnerable...
Moderate
Unreviewed
CVE-2024-10453
was published
Dec 21, 2024
The LaTeX2HTML plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'ver'...
Moderate
Unreviewed
CVE-2024-11688
was published
Dec 21, 2024
The MagicPost plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's...
Moderate
Unreviewed
CVE-2024-12591
was published
Dec 21, 2024
The WP on AWS plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via $_POST...
Moderate
Unreviewed
CVE-2024-12408
was published
Dec 21, 2024
ProTip!
Advisories are also available from the
GraphQL API