WordPress.org
Security Scorecard
Score
21F
Total CVEs
527
Patch Rate
2%
8 patched
Avg Response
-
days to patch
Critical Gaps
9
exploitable, no detection
Severity Breakdown
Critical6
High36
Medium483
Low2
Patch Status
Patched8 (2%)
Partial/Workaround0 (0%)
Unpatched519 (98%)
CVEs (619)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-11726 | Beaver Builder – WordPress Page Builder Plugin Vulnerability | MEDIUM | 4.3 | - | Patched |
| CVE-2025-13737 | Nextend Social Login and Register Plugin Vulnerability | MEDIUM | 4.3 | 17d | Unpatched |
| CVE-2025-12649 | SortTable Post Plugin Vulnerability | MEDIUM | 6.4 | 18d | Unpatched |
| CVE-2025-10476 | WP Fastest Cache Plugin Vulnerability | MEDIUM | 4.3 | 18d | Unpatched |
| CVE-2025-12712 | Shouty Plugin Vulnerability | MEDIUM | 6.4 | 18d | Unpatched |
| CVE-2025-12713 | CVE-2025-12713 | MEDIUM | 6.4 | 18d | Unpatched |
| CVE-2025-12971 | WordPress Folders Plugin Vulnerability | MEDIUM | 4.3 | 18d | Unpatched |
| CVE-2025-13381 | ChatGPT Plugin Vulnerability | MEDIUM | 5.3 | 18d | Unpatched |
| CVE-2025-13525 | WP Directory Kit Plugin Vulnerability | MEDIUM | 6.1 | 18d | Unpatched |
| CVE-2025-12185 | WordPress StaffList Plugin Vulnerability | MEDIUM | 4.4 | 18d | Unpatched |