Automattic
Security Scorecard
Score
39F
Total CVEs
135
Patch Rate
5%
7 patched
Avg Response
-
days to patch
Critical Gaps
1
exploitable, no detection
Severity Breakdown
Critical1
High10
Medium124
Low0
Patch Status
Patched7 (5%)
Partial/Workaround0 (0%)
Unpatched128 (95%)
CVEs (157)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-12394 | CVE-2025-12394 | MEDIUM | 5.9 | 21d | Unpatched |
| CVE-2025-11003 | UiPress Lite Vulnerability | MEDIUM | 6.4 | 24d | Unpatched |
| CVE-2025-11799 | Wordfence WordPress Affiliate AI Lite Plugin Vulnerability | MEDIUM | 6.4 | 24d | Unpatched |
| CVE-2025-13134 | AuthorSure Cross-Site Request Forgery | MEDIUM | 6.1 | 24d | Unpatched |
| CVE-2025-13149 | PublishPress Future Unpublish, Delete, Change Status, Trash, Change Categories Plugin Vulnerability | MEDIUM | 4.3 | 24d | Unpatched |
| CVE-2025-12066 | WP Delete Post Copies Plugin Vulnerability | MEDIUM | 4.4 | 24d | Unpatched |
| CVE-2025-11815 | UiPress Lite Vulnerability | MEDIUM | 4.3 | 24d | Unpatched |
| CVE-2025-13206 | GiveWP Donation Plugin Vulnerability | HIGH | 7.2 | - | Patched |
| CVE-2025-12174 | CVE-2025-12174 | MEDIUM | 6.5 | 26d | Unpatched |
| CVE-2025-12777 | YITH WooCommerce Wishlist Plugin Bypass | MEDIUM | 5.3 | 26d | Unpatched |