Automattic

Security Scorecard

Score

39F

Total CVEs

135

Patch Rate

5%

7 patched

Avg Response

-

days to patch

Critical Gaps

1

exploitable, no detection

Severity Breakdown

Critical1

High10

Medium124

Low0

Patch Status

Patched7 (5%)

Partial/Workaround0 (0%)

Unpatched128 (95%)

CVEs (157)

CVE ID	Title	Severity	Score	Days	Patch
CVE-2025-12775	WP Dropzone Plugin Vulnerability	HIGH	8.8	26d	Unpatched
CVE-2025-12406	Project Honey Pot Spam Trap Vulnerability	MEDIUM	6.1	27d	Unpatched
CVE-2025-12524	CVE-2025-12524	MEDIUM	5.4	27d	Unpatched
CVE-2025-12391	BuddyPress Plugin Vulnerability	MEDIUM	5.3	27d	Unpatched
CVE-2025-13196	Element Pack Addons Vulnerability	MEDIUM	5.4	27d	Unpatched
CVE-2025-12961	Download Panel Plugin Vulnerability	MEDIUM	4.3	27d	Unpatched
CVE-2025-64384	JetFormBuilder Bypass	MEDIUM	6.3	32d	Unpatched
CVE-2025-64269	WooPDF Invoice Builder Bypass	MEDIUM	4.3	32d	Unpatched
CVE-2025-12087	Woocommerce Wishlist Save for Later Plugin Vulnerability	MEDIUM	4.3	33d	Unpatched
CVE-2025-11237	Make Email Customizer Vulnerability	MEDIUM	5.3	34d	Unpatched