Automattic
Security Scorecard
Score
39F
Total CVEs
135
Patch Rate
5%
7 patched
Avg Response
-
days to patch
Critical Gaps
1
exploitable, no detection
Severity Breakdown
Critical1
High10
Medium124
Low0
Patch Status
Patched7 (5%)
Partial/Workaround0 (0%)
Unpatched128 (95%)
CVEs (157)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-11254 | CSV Injection in Contest Gallery – Upload, Vote & Sell with PayPal and Stripe plugin for WordPress | MEDIUM | 4.3 | 70d | Unpatched |
| CVE-2025-10124 | Booking Manager WordPress Plugin Vulnerability | MEDIUM | 4.5 | 71d | Unpatched |
| CVE-2025-11166 | WP Go Maps CSRF | MEDIUM | 5.4 | 72d | Unpatched |
| CVE-2025-9703 | Ultimate Addons for Elementor Vulnerability | MEDIUM | 4.3 | 71d | Unpatched |
| CVE-2025-10383 | Contest Gallery – Upload, Vote & Sell with PayPal and Stripe plugin vulnerability | MEDIUM | 6.4 | 77d | Unpatched |
| CVE-2025-9333 | Smart Docs Vulnerability | MEDIUM | 5.5 | 75d | Unpatched |
| CVE-2025-9194 | Constructor Theme Vulnerability | MEDIUM | 4.3 | 75d | Unpatched |
| CVE-2025-9077 | Ultra Addons Lite for Elementor Plugin Vulnerability | MEDIUM | 6.4 | 75d | Unpatched |
| CVE-2025-7825 | Schema Plugin For Divi, Gutenberg & Shortcodes Vulnerability | MEDIUM | 6.3 | 78d | Unpatched |
| CVE-2025-8669 | Customify Theme Vulnerability | MEDIUM | 4.3 | 78d | Unpatched |