GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,740
Composer 4,239
Erlang 31
GitHub Actions 21
Go 2,007
Maven 5,196
npm 3,716
NuGet 662
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,952

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

3,366 advisories

Filter by severity

Sort by

Least recently updated

The Special Feed Items WordPress plugin through 1.0.1 does not have CSRF check in some places,... Moderate Unreviewed

CVE-2024-8051 was published Sep 17, 2024

The infolinks Ad Wrap WordPress plugin through 1.0.2 does not have CSRF check in place when... Moderate Unreviewed

CVE-2024-8044 was published Sep 17, 2024

Lunary Cross-Site Request Forgery (CSRF) vulnerability Moderate

CVE-2024-6862 was published for lunary (npm) Sep 13, 2024

The Favicon Generator (CLOSED) WordPress plugin before 2.1 does not have CSRF and path validation... Moderate Unreviewed

CVE-2024-7864 was published Sep 13, 2024

The Gixaw Chat WordPress plugin through 1.0 does not have CSRF check in some places, and is... Moderate Unreviewed

CVE-2024-7816 was published Sep 12, 2024

The ILC Thickbox WordPress plugin through 1.0 does not have CSRF check in place when updating its... Moderate Unreviewed

CVE-2024-7820 was published Sep 12, 2024

The Visual Sound WordPress plugin through 1.03 does not have CSRF check in place when updating... Moderate Unreviewed

CVE-2024-7859 was published Sep 12, 2024

The Misiek Photo Album WordPress plugin through 1.4.3 does not have CSRF checks in some places,... Moderate Unreviewed

CVE-2024-7817 was published Sep 12, 2024

The blogintroduction-wordpress-plugin WordPress plugin through 0.3.0 does not have CSRF check in... Moderate Unreviewed

CVE-2024-7862 was published Sep 12, 2024

The Easy Property Listings WordPress plugin before 3.5.4 does not have CSRF check when deleting... Moderate Unreviewed

CVE-2024-3163 was published Sep 12, 2024

The Music Request Manager WordPress plugin through 1.3 does not have CSRF check in some places,... Moderate Unreviewed

CVE-2024-6017 was published Sep 12, 2024

The Tutor LMS plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to,... Moderate Unreviewed

CVE-2023-2919 was published Sep 10, 2024

Cross-site request forgery (CSRF) vulnerability in multiple Alps System Integration products and... Moderate Unreviewed

CVE-2024-45504 was published Sep 10, 2024

The AZIndex WordPress plugin through 0.8.1 does not have CSRF check in some places, and is... Moderate Unreviewed

CVE-2024-7687 was published Sep 9, 2024

The Snapshot Backup WordPress plugin through 2.1.1 does not have CSRF check in some places, and... Moderate Unreviewed

CVE-2024-7689 was published Sep 9, 2024

The AZIndex WordPress plugin through 0.8.1 does not have CSRF checks in some places, which could... Moderate Unreviewed

CVE-2024-7688 was published Sep 9, 2024

The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check in place when... Moderate Unreviewed

CVE-2024-6856 was published Sep 8, 2024

The TrueBooker WordPress plugin before 1.0.3 does not have CSRF check in place when updating its... Moderate Unreviewed

CVE-2024-6925 was published Sep 8, 2024

The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check when updating... Moderate Unreviewed

CVE-2024-6853 was published Sep 8, 2024

The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check in place when... Moderate Unreviewed

CVE-2024-6852 was published Sep 8, 2024

The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check when updating exit... Moderate Unreviewed

CVE-2024-6855 was published Sep 8, 2024

An issue was discovered in za-internet C-MOR Video Surveillance 5.2401 and 6.00PL01. Due to... Moderate Unreviewed

CVE-2024-45172 was published Sep 4, 2024

A vulnerability has been found in SourceCodester Insurance Management System 1.0 and classified... Moderate Unreviewed

CVE-2024-8414 was published Sep 4, 2024

The DN Popup WordPress plugin through 1.2.2 does not have CSRF check in place when updating its... Moderate Unreviewed

CVE-2024-7690 was published Sep 2, 2024

REDCap 14.7.0 allows HTML injection via the project title of a New Project action. This can lead... Moderate Unreviewed

CVE-2024-45527 was published Sep 2, 2024

Previous 1 2 3 4 5 6 7 … 134 135 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,366 advisories