GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,295
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,107
Rust
1,492
Swift
61
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
313,198 advisories
Filter by severity
The Form Vibes – Database Manager for Forms plugin for WordPress is vulnerable to Stored Cross...
High
Unreviewed
CVE-2026-13378
was published
Jul 11, 2026
The Simple JWT Login – Allows you to use JWT on REST endpoints. plugin for WordPress is...
High
Unreviewed
CVE-2026-14262
was published
Jul 11, 2026
The PDF Invoices & Packing Slips for WooCommerce plugin for WordPress is vulnerable to Insecure...
Moderate
Unreviewed
CVE-2026-13116
was published
Jul 11, 2026
The Swiss Toolkit For WP plugin for WordPress is vulnerable to arbitrary file upload due to a...
High
Unreviewed
CVE-2026-2354
was published
Jul 11, 2026
The Themify Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via ...
Moderate
Unreviewed
CVE-2026-15097
was published
Jul 11, 2026
The Themify Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Map...
Moderate
Unreviewed
CVE-2026-15096
was published
Jul 11, 2026
The Booking Package plugin for WordPress is vulnerable to generic SQL Injection via 'email' Form...
High
Unreviewed
CVE-2026-15335
was published
Jul 11, 2026
The ThriveDesk – Live Chat, AI Chatbot, Helpdesk & Knowledge Base plugin for WordPress is...
Moderate
Unreviewed
CVE-2026-1832
was published
Jul 11, 2026
The Planyo Online Reservation System plugin for WordPress is vulnerable to Server-Side Request...
High
Unreviewed
CVE-2026-3576
was published
Jul 11, 2026
The SurfLink - Ultimate Link Manager plugin for WordPress is vulnerable to unauthorized data...
Moderate
Unreviewed
CVE-2026-3552
was published
Jul 11, 2026
The Starboard Suite Reservation Calendars plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2025-13968
was published
Jul 11, 2026
The SimpLy Gallery Block & Lightbox plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2026-5743
was published
Jul 11, 2026
The MyParcel plugin for WordPress is vulnerable to authorization bypass in all versions up to,...
Moderate
Unreviewed
CVE-2026-8678
was published
Jul 11, 2026
The Mux Video Uploader plugin for WordPress is vulnerable to Sensitive Information Exposure in...
Moderate
Unreviewed
CVE-2026-7544
was published
Jul 11, 2026
The Majestic Support – The Leading-Edge Help Desk & Customer Support Plugin plugin for WordPress...
Moderate
Unreviewed
CVE-2026-13262
was published
Jul 11, 2026
The WP Ultimate CSV Importer – WordPress Import & Export for CSV, XML & Excel plugin for...
High
Unreviewed
CVE-2026-13353
was published
Jul 11, 2026
The KiviCare – Clinic & Patient Management System (EHR) plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2026-15072
was published
Jul 11, 2026
The Premium Addons for Elementor – Powerful Elementor Templates & Widgets plugin for WordPress is...
Moderate
Unreviewed
CVE-2026-12141
was published
Jul 11, 2026
The Members – Membership & User Role Editor Plugin plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2026-12426
was published
Jul 11, 2026
The Motors – Car Dealership & Classified Listings Plugin plugin for WordPress is vulnerable to...
High
Unreviewed
CVE-2026-13114
was published
Jul 11, 2026
The Points and Rewards for WooCommerce plugin for WordPress is vulnerable to authorization bypass...
Moderate
Unreviewed
CVE-2026-10628
was published
Jul 11, 2026
The KiviCare – Clinic & Patient Management System (EHR) plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2026-15073
was published
Jul 11, 2026
The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Local File...
High
Unreviewed
CVE-2026-15338
was published
Jul 11, 2026
The Lockme OAuth2 calendars integration plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2026-3367
was published
Jul 11, 2026
The WP Grid Builder plugin for WordPress is vulnerable to Privilege Escalation in all versions up...
High
Unreviewed
CVE-2026-13756
was published
Jul 11, 2026
ProTip!
Advisories are also available from the
GraphQL API