WordPress.org
Security Scorecard
Score
29C
Total CVEs
540
Patch Rate
20%
106 patched
Avg Response
43d
days to patch
Critical Gaps
9
exploitable, no detection
Severity Breakdown
Critical9
High40
Medium489
Low2
Patch Status
Patched106 (20%)
Partial/Workaround0 (0%)
Unpatched434 (80%)
CVEs (632)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-12589 | WP-Walla Plugin Vulnerability | MEDIUM | 6.1 | 34d | Unpatched |
| CVE-2025-11996 | Find Unused Images Plugin Vulnerability | MEDIUM | 5.3 | 34d | Unpatched |
| CVE-2025-11129 | Include Fussball.de Widgets Plugin Vulnerability | MEDIUM | 6.4 | 34d | Unpatched |
| CVE-2025-11805 | Skip to Timestamp Plugin Vulnerability | MEDIUM | 6.4 | 34d | Unpatched |
| CVE-2025-11860 | Twitter Feed Plugin Vulnerability | MEDIUM | 6.4 | 35d | Unpatched |
| CVE-2025-11869 | Precise Columns Plugin Vulnerability | MEDIUM | 6.4 | 35d | Unpatched |
| CVE-2025-11874 | Slippy Slider Vulnerability | MEDIUM | 5.4 | 35d | Unpatched |
| CVE-2025-11829 | Five9 Live Chat Plugin Vulnerability | MEDIUM | 6.4 | 38d | Unpatched |
| CVE-2025-12092 | CYAN Backup Plugin Vulnerability | MEDIUM | 6.5 | 38d | Unpatched |
| CVE-2025-12621 | Flexible Refund and Return Order for WooCommerce Plugin Vulnerability | MEDIUM | 5.3 | 38d | Unpatched |