WordPress.org
Security Scorecard
Score
21F
Total CVEs
526
Patch Rate
2%
8 patched
Avg Response
-
days to patch
Critical Gaps
9
exploitable, no detection
Severity Breakdown
Critical6
High35
Medium483
Low2
Patch Status
Patched8 (2%)
Partial/Workaround0 (0%)
Unpatched518 (98%)
CVEs (618)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-13904 | WPGancio Plugin Vulnerability | MEDIUM | 6.4 | 2d | Unpatched |
| CVE-2025-13960 | Gpxpress WordPress Plugin Vulnerability | MEDIUM | 6.4 | 2d | Unpatched |
| CVE-2025-13961 | Data Visualizer Plugin Vulnerability | MEDIUM | 6.4 | 2d | Unpatched |
| CVE-2025-13966 | Paypal Payment Shortcode Plugin Vulnerability | MEDIUM | 6.4 | 2d | Unpatched |
| CVE-2025-14143 | Ayo Shortcodes Vulnerability | MEDIUM | 6.4 | 2d | Unpatched |
| CVE-2025-14393 | Wpik WordPress Basic Ajax Form Plugin Vulnerability | MEDIUM | 6.4 | 2d | Unpatched |
| CVE-2025-14030 | AI Feeds Plugin Vulnerability | MEDIUM | 6.4 | 2d | Unpatched |
| CVE-2025-12834 | Contact Form 7 Stripe Payment Plugin Vulnerability | MEDIUM | 6.1 | 2d | Unpatched |
| CVE-2025-13988 | WordPress Comments Secretary Plugin Vulnerability | MEDIUM | 6.1 | 2d | Unpatched |
| CVE-2025-14125 | Complag Plugin Vulnerability | MEDIUM | 6.1 | 2d | Unpatched |