GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 31,043
Composer 5,887
Erlang 70
GitHub Actions 52
Go 3,904
Maven 6,602
npm 6,308
NuGet 967
pip 5,167
Pub 13
RubyGems 1,062
Rust 1,374
Swift 54

Unreviewed advisories

All unreviewed 304,499

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

42,538 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Responsive Video Embedder plugin for WordPress is vulnerable to Stored Cross-Site Scripting... Moderate Unreviewed

CVE-2026-8877 was published May 27, 2026

The Instant-Quote.co Quotation Page plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed

CVE-2026-8884 was published May 27, 2026

The hk_shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title... Moderate Unreviewed

CVE-2026-8886 was published May 27, 2026

The BitForm plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ... Moderate Unreviewed

CVE-2026-8891 was published May 27, 2026

The jQuery googleslides plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed

CVE-2026-8866 was published May 27, 2026

The Mutual Funds Data plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2026-8869 was published May 27, 2026

The Google+ Link Name plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2026-8842 was published May 27, 2026

The Dideo plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ... Moderate Unreviewed

CVE-2026-8847 was published May 27, 2026

The Responsive Check plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2026-8844 was published May 27, 2026

The WP Iframe Geo Style for Amazon affiliates plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed

CVE-2026-8837 was published May 27, 2026

The Formidable Kinetic plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2026-8871 was published May 27, 2026

The Single Mailchimp plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2026-8868 was published May 27, 2026

The Content Slideshow plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2026-8873 was published May 27, 2026

The Listen Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2026-8887 was published May 27, 2026

The Tuxquote plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'TUXQUOTE'... Moderate Unreviewed

CVE-2026-8846 was published May 27, 2026

The Islamic Database plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2026-8845 was published May 27, 2026

The Post Category Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2026-8867 was published May 27, 2026

The EventPress WordPress theme before 22.2 does not sanitize or escape the 'id' parameter in the... High Unreviewed

CVE-2026-6268 was published May 27, 2026

The faq shortocde plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2026-8040 was published May 27, 2026

The My Email Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed

CVE-2026-8048 was published May 27, 2026

The Cryptocurrency Prijsvergelijking Widget plugin for WordPress is vulnerable to Stored Cross... Moderate Unreviewed

CVE-2026-8698 was published May 27, 2026

The Endless Scroll plugin for WordPress is vulnerable to Stored Cross-Site Scripting via... Moderate Unreviewed

CVE-2026-8703 was published May 27, 2026

The GBI To Print plugin for WordPress is vulnerable to Stored Cross-Site Scripting in version 1.0... Moderate Unreviewed

CVE-2026-8702 was published May 27, 2026

The GNTT Post Title Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting in... Moderate Unreviewed

CVE-2026-8701 was published May 27, 2026

The NS Product icon badge plugin for WordPress is vulnerable to Reflected Cross-Site Scripting... Moderate Unreviewed

CVE-2026-8707 was published May 27, 2026

Previous 1…3…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

42,538 advisories