GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,025
Composer 4,790
Erlang 36
GitHub Actions 29
Go 2,370
Maven 5,680
npm 3,994
NuGet 720
pip 3,783
Pub 12
RubyGems 927
Rust 982
Swift 38

Unreviewed advisories

All unreviewed 261,388

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,058 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Download Plugin plugin for WordPress is vulnerable to arbitrary file uploads due to missing... High Unreviewed

CVE-2025-6586 was published Jul 4, 2025

The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to arbitrary file... High Unreviewed

CVE-2025-5322 was published Jul 4, 2025

The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to... High Unreviewed

CVE-2025-5961 was published Jul 3, 2025

If a user saved a response from the Network tab in Devtools using the Save As context menu option... High Unreviewed

CVE-2025-6435 was published Jun 26, 2025

The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit... High Unreviewed

CVE-2025-6206 was published Jun 26, 2025

The Beaver Builder Plugin (Starter Version) plugin for WordPress is vulnerable to arbitrary file... High Unreviewed

CVE-2025-4102 was published Jun 20, 2025

The Versa Director SD-WAN orchestration platform provides an option to upload various types of... High Unreviewed

CVE-2025-23171 was published Jun 19, 2025

The Ultra Addons for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads... High Unreviewed

CVE-2025-6220 was published Jun 18, 2025

The CSV Me plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file... High Unreviewed

CVE-2025-6086 was published Jun 18, 2025

The Pixabay Images plugin for WordPress is vulnerable to arbitrary file uploads due to missing... High Unreviewed

CVE-2025-4413 was published Jun 18, 2025

Sitecore PowerShell Extensions, an add-on to Sitecore Experience Manager (XM) and Experience... High Unreviewed

CVE-2025-34511 was published Jun 17, 2025

The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to... High Unreviewed

CVE-2025-3515 was published Jun 17, 2025

The File Manager Pro – Filester plugin for WordPress is vulnerable to arbitrary file uploads due... High Unreviewed

CVE-2025-3234 was published Jun 14, 2025

The Workreap plugin for WordPress, used by the Workreap - Freelance Marketplace WordPress Theme,... High Unreviewed

CVE-2025-5012 was published Jun 12, 2025

An unrestricted file upload vulnerability exists in the Product Image section of the VirtueMart... High Unreviewed

CVE-2025-6002 was published Jun 11, 2025

The WordPress Automatic Plugin plugin for WordPress is vulnerable to arbitrary file uploads due... High Unreviewed

CVE-2025-5395 was published Jun 11, 2025

The Panel Designer dashboard in Airleader Master and Easy before 6.36 allows remote attackers to... High Unreviewed

CVE-2025-46612 was published Jun 10, 2025

The Axle Demo Importer WordPress plugin through 1.0.3 does not validate files to be uploaded,... High Unreviewed

CVE-2025-4954 was published Jun 10, 2025

The Abandoned Cart Pro for WooCommerce plugin contains an authenticated arbitrary file upload... High Unreviewed

CVE-2025-4387 was published Jun 10, 2025

The WP User Frontend Pro plugin for WordPress is vulnerable to arbitrary file uploads due to... High Unreviewed

CVE-2025-3054 was published Jun 5, 2025

File Upload vulnerability in Motivian Content Mangment System v.41.0.0 allows a remote attacker... High Unreviewed

CVE-2025-29093 was published Jun 4, 2025

Sourcecodester Web-based Pharmacy Product Management System v.1.0 has a file upload vulnerability... High Unreviewed

CVE-2025-45997 was published May 28, 2025

The MasterStudy LMS Pro plugin for WordPress is vulnerable to arbitrary file uploads due to a... High Unreviewed

CVE-2025-4800 was published May 28, 2025

The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to arbitrary file... High Unreviewed

CVE-2025-4336 was published May 24, 2025

The TheGem theme for WordPress is vulnerable to arbitrary file uploads due to missing file type... High Unreviewed

CVE-2025-4317 was published May 13, 2025

Previous 1 2 3 4 5 … 42 43 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,058 advisories