The OWASP Vulnerable Web Applications Directory Project (VWAD, https://owasp.org/www-project-vulnerable-web-applications-directory/) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.
The three individual lists are available via separate tabs on: https://owasp.org/www-project-vulnerable-web-applications-directory/
Just open a PR modifying the appropriate JSON file.
Currently (20200331) they are automatically copied/deployed to the www-project-vulnerable-web-applications-directory repo, from which they are rendered on the owasp.org website.