Automattic
Security Scorecard
Score
39F
Total CVEs
135
Patch Rate
5%
7 patched
Avg Response
-
days to patch
Critical Gaps
1
exploitable, no detection
Severity Breakdown
Critical1
High10
Medium124
Low0
Patch Status
Patched7 (5%)
Partial/Workaround0 (0%)
Unpatched128 (95%)
CVEs (157)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-11536 | Elementor Pack Addons Blind Server-Side Request Forgery | MEDIUM | 5.0 | 60d | Unpatched |
| CVE-2025-9890 | Theme Editor Cross-Site Request Forgery | HIGH | 8.8 | 59d | Unpatched |
| CVE-2025-11926 | Related Posts Lite Plugin Vulnerability | MEDIUM | 4.4 | 62d | Unpatched |
| CVE-2025-11519 | Optimole Plugin Vulnerability | MEDIUM | 4.3 | 62d | Unpatched |
| CVE-2025-11703 | WP Go Maps Cache Poisoning | MEDIUM | 5.3 | 62d | Unpatched |
| CVE-2025-11372 | LearnPress WordPress LMS Plugin Vulnerability | MEDIUM | 6.5 | 62d | Unpatched |
| CVE-2025-10700 | Ally Web Accessibility & Usability Plugin Vulnerability | MEDIUM | 4.3 | 65d | Unpatched |
| CVE-2025-11160 | WPBakery Page Builder Vulnerability | MEDIUM | 6.4 | 66d | Unpatched |
| CVE-2025-9698 | Plus Addons Vulnerability | MEDIUM | 6.8 | 64d | Unpatched |
| CVE-2025-10375 | AccessiBe Plugin Vulnerability | MEDIUM | 4.3 | 70d | Unpatched |