GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,790
Erlang: 36
GitHub Actions: 29
Go: 2,370
Maven: 5,000+
npm: 3,994
NuGet: 720
pip: 3,783
Pub: 12
RubyGems: 927
Rust: 982
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,058 advisories
The Download Plugin plugin for WordPress is vulnerable to arbitrary file uploads due to missing...
High | Unreviewed | CVE-2025-6586 was published Jul 4, 2025
The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to arbitrary file...
High | Unreviewed | CVE-2025-5322 was published Jul 4, 2025
The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to...
High | Unreviewed | CVE-2025-5961 was published Jul 3, 2025
The Axle Demo Importer WordPress plugin through 1.0.3 does not validate files to be uploaded,...
High | Unreviewed | CVE-2025-4954 was published Jun 10, 2025
The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit...
High | Unreviewed | CVE-2025-6206 was published Jun 26, 2025
If a user saved a response from the Network tab in Devtools using the Save As context menu option...
High | Unreviewed | CVE-2025-6435 was published Jun 26, 2025
The Versa Director SD-WAN orchestration platform provides an option to upload various types of...
High | Unreviewed | CVE-2025-23171 was published Jun 19, 2025
Theme Demo Import WordPress plugin before 1.1.1 does not validate the imported file, allowing...
High | Unreviewed | CVE-2022-1538 was published Jan 16, 2024
The My Account Page Editor WordPress plugin before 1.3.2 does not validate the profile picture to...
High | Unreviewed | CVE-2023-4536 was published Jan 16, 2024
The Beaver Builder Plugin (Starter Version) plugin for WordPress is vulnerable to arbitrary file...
High | Unreviewed | CVE-2025-4102 was published Jun 20, 2025
HCL DRYiCE MyXalytics product is impacted by unauthenticated file upload vulnerability. The web...
High | Unreviewed | CVE-2023-45724 was published Jan 3, 2024
The Ultra Addons for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads...
High | Unreviewed | CVE-2025-6220 was published Jun 18, 2025
The CSV Me plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file...
High | Unreviewed | CVE-2025-6086 was published Jun 18, 2025
The Pixabay Images plugin for WordPress is vulnerable to arbitrary file uploads due to missing...
High | Unreviewed | CVE-2025-4413 was published Jun 18, 2025
Sitecore PowerShell Extensions, an add-on to Sitecore Experience Manager (XM) and Experience...
High | Unreviewed | CVE-2025-34511 was published Jun 17, 2025
The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to...
High | Unreviewed | CVE-2025-3515 was published Jun 17, 2025
The File Manager Pro – Filester plugin for WordPress is vulnerable to arbitrary file uploads due...
High | Unreviewed | CVE-2025-3234 was published Jun 14, 2025
The Workreap plugin for WordPress, used by the Workreap - Freelance Marketplace WordPress Theme,...
High | Unreviewed | CVE-2025-5012 was published Jun 12, 2025
An unrestricted file upload vulnerability exists in the Product Image section of the VirtueMart...
High | Unreviewed | CVE-2025-6002 was published Jun 11, 2025
The WordPress Automatic Plugin plugin for WordPress is vulnerable to arbitrary file uploads due...
High | Unreviewed | CVE-2025-5395 was published Jun 11, 2025
The Panel Designer dashboard in Airleader Master and Easy before 6.36 allows remote attackers to...
High | Unreviewed | CVE-2025-46612 was published Jun 10, 2025
The Abandoned Cart Pro for WooCommerce plugin contains an authenticated arbitrary file upload...
High | Unreviewed | CVE-2025-4387 was published Jun 10, 2025
The WP User Frontend Pro plugin for WordPress is vulnerable to arbitrary file uploads due to...
High | Unreviewed | CVE-2025-3054 was published Jun 5, 2025
File Upload vulnerability in Motivian Content Mangment System v.41.0.0 allows a remote attacker...
High | Unreviewed | CVE-2025-29093 was published Jun 4, 2025
Improper input validation vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1...
High | Unreviewed | CVE-2024-23180 was published Jan 23, 2024
ProTip! Advisories are also available from the GraphQL API.