Automattic

Security Scorecard

Score

39F

Total CVEs

135

Patch Rate

5%

7 patched

Avg Response

-

days to patch

Critical Gaps

1

exploitable, no detection

Severity Breakdown

Critical1
High10
Medium124
Low0

Patch Status

Patched7 (5%)
Partial/Workaround0 (0%)
Unpatched128 (95%)

CVEs (157)

CVE IDTitleSeverityScoreDaysPatch
CVE-2025-9260Fluent Forms VulnerabilityMEDIUM6.5105dUnpatched
CVE-2025-9499Ocean Extra Plugin VulnerabilityMEDIUM6.4108dUnpatched
CVE-2025-9500TablePress VulnerabilityMEDIUM6.4108dUnpatched
CVE-2025-9344UsersWP VulnerabilityMEDIUM6.4-Patched
CVE-2024-12877GiveWP Donation Plugin VulnerabilityCRITICAL9.8-Patched
CVE-2025-13608CC Child Pages Plugin VulnerabilityN/A-0dUnpatched
CVE-2025-14003CVE-2025-14003N/A-0dUnpatched
CVE-2025-13403WordPress Employee Spotlight Plugin VulnerabilityN/A-2dUnpatched
CVE-2025-14446Popup Builder Easy Notify Lite VulnerabilityN/A-2dUnpatched
CVE-2025-14540Userback Plugin VulnerabilityN/A-2dUnpatched