WordPress.org

Security Scorecard

Score

21F

Total CVEs

529

Patch Rate

2%

8 patched

Avg Response

-

days to patch

Critical Gaps

9

exploitable, no detection

Severity Breakdown

Critical6
High36
Medium483
Low2

Patch Status

Patched8 (2%)
Partial/Workaround0 (0%)
Unpatched521 (98%)

CVEs (621)

CVE IDTitleSeverityScoreDaysPatch
CVE-2025-11985Realty Portal Plugin VulnerabilityHIGH8.822dUnpatched
CVE-2025-12138URL Image Importer Plugin VulnerabilityHIGH8.822dUnpatched
CVE-2025-13138WP Directory Kit SQL Injection VulnerabilityHIGH7.522dUnpatched
CVE-2025-12135WPBookit Plugin VulnerabilityHIGH7.222dUnpatched
CVE-2025-66091Stylish Cost Calculator XSS VulnerabilityMEDIUM6.524dUnpatched
CVE-2025-66092Accordion Slider XSSMEDIUM6.524dUnpatched
CVE-2025-66093Leaflet Map XSSMEDIUM6.524dUnpatched
CVE-2025-11763WordPress Display Pages Shortcode Plugin VulnerabilityMEDIUM6.424dUnpatched
CVE-2025-11765Stock Tools Plugin VulnerabilityMEDIUM6.424dUnpatched
CVE-2025-11767WordPress Tips Shortcode Plugin VulnerabilityMEDIUM6.424dUnpatched