Automattic
Security Scorecard
Score
39F
Total CVEs
135
Patch Rate
5%
7 patched
Avg Response
-
days to patch
Critical Gaps
1
exploitable, no detection
Severity Breakdown
Critical1
High10
Medium124
Low0
Patch Status
Patched7 (5%)
Partial/Workaround0 (0%)
Unpatched128 (95%)
CVEs (157)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-8383 | Depicter Plugin Vulnerability | MEDIUM | 4.3 | 46d | Unpatched |
| CVE-2025-10008 | Weglot Plugin Vulnerability | MEDIUM | 5.3 | 50d | Unpatched |
| CVE-2025-64234 | Evergreen Content Poster Vulnerability | MEDIUM | 4.3 | 51d | Unpatched |
| CVE-2025-64286 | WpEstate WP Rentals CSRF Vulnerability | MEDIUM | 4.3 | 51d | Unpatched |
| CVE-2023-7320 | WooCommerce Sensitive Info Exposure | MEDIUM | 5.3 | 51d | Unpatched |
| CVE-2025-49042 | WooCommerce XSS Vulnerability | MEDIUM | 5.9 | 51d | Unpatched |
| CVE-2025-12034 | Fast Velocity Minify Plugin Vulnerability | MEDIUM | 4.4 | 55d | Unpatched |
| CVE-2025-11497 | Advanced Database Cleaner Cross-Site Request Forgery | MEDIUM | 4.3 | 55d | Unpatched |
| CVE-2025-11976 | FuseWP Vulnerability | MEDIUM | 4.3 | 55d | Unpatched |
| CVE-2025-8588 | PublishPress Blocks Vulnerability | MEDIUM | 6.4 | 55d | Unpatched |