WordPress.org
Security Scorecard
Score
21F
Total CVEs
527
Patch Rate
2%
8 patched
Avg Response
-
days to patch
Critical Gaps
9
exploitable, no detection
Severity Breakdown
Critical6
High36
Medium483
Low2
Patch Status
Patched8 (2%)
Partial/Workaround0 (0%)
Unpatched519 (98%)
CVEs (619)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-9191 | Houzez Theme Vulnerability | MEDIUM | 6.3 | 19d | Unpatched |
| CVE-2025-13376 | ProjectList Plugin Vulnerability | HIGH | 7.2 | 18d | Unpatched |
| CVE-2025-13380 | ChatGPT Plugin Vulnerability | MEDIUM | 6.5 | 20d | Unpatched |
| CVE-2025-13405 | Ace Post Type Builder Plugin Vulnerability | MEDIUM | 5.3 | 20d | Unpatched |
| CVE-2025-13452 | OrderConvo | MEDIUM | 4.3 | 20d | Unpatched |
| CVE-2025-12645 | Inline Frame Vulnerability | MEDIUM | 6.4 | 20d | Unpatched |
| CVE-2025-12032 | Zweb Social Mobile Plugin Vulnerability | MEDIUM | 4.4 | 20d | Unpatched |
| CVE-2025-13558 | Blog2Social Vulnerability | MEDIUM | 5.4 | 20d | Unpatched |
| CVE-2025-12025 | YouTube Subscribe Plugin Vulnerability | MEDIUM | 4.4 | 20d | Unpatched |
| CVE-2025-13311 | Just Highlight Plugin Vulnerability | MEDIUM | 4.4 | 20d | Unpatched |