WordPress.org

Security Scorecard

Score

21F

Total CVEs

527

Patch Rate

2%

8 patched

Avg Response

-

days to patch

Critical Gaps

9

exploitable, no detection

Severity Breakdown

Critical6

High36

Medium483

Low2

Patch Status

Patched8 (2%)

Partial/Workaround0 (0%)

Unpatched519 (98%)

CVEs (619)

CVE ID	Title	Severity	Score	Days	Patch
CVE-2025-13382	WordPress Plugin Vulnerability	MEDIUM	4.3	20d	Unpatched
CVE-2025-12043	Autochat Automatic Conversation Plugin Vulnerability	MEDIUM	5.3	20d	Unpatched
CVE-2025-12525	Locker Content Plugin Vulnerability	MEDIUM	5.3	20d	Unpatched
CVE-2025-13386	CVE-2025-13386	MEDIUM	5.3	20d	Unpatched
CVE-2025-13389	WooCommerce OrderConvo Plugin Vulnerability	MEDIUM	5.3	20d	Unpatched
CVE-2025-13404	Duplicate Post Plugin Vulnerability	MEDIUM	5.3	20d	Unpatched
CVE-2025-13370	WordPress Plugin Vulnerability	MEDIUM	4.9	20d	Unpatched
CVE-2025-10646	Search Exclude Plugin Vulnerability	MEDIUM	4.3	20d	Unpatched
CVE-2025-13385	Bookme Free Online Appointment Booking System SQL Injection	MEDIUM	4.9	20d	Unpatched
CVE-2025-12587	Peer Publish Plugin Vulnerability	MEDIUM	4.3	20d	Unpatched