WordPress.org
Security Scorecard
Score
29C
Total CVEs
540
Patch Rate
20%
106 patched
Avg Response
43d
days to patch
Critical Gaps
9
exploitable, no detection
Severity Breakdown
Critical9
High40
Medium489
Low2
Patch Status
Patched106 (20%)
Partial/Workaround0 (0%)
Unpatched434 (80%)
CVEs (632)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-12471 | Hubbub Lite Social Sharing Vulnerability | MEDIUM | 6.1 | 40d | Unpatched |
| CVE-2025-12360 | CVE-2025-12360 | MEDIUM | 4.3 | 40d | Unpatched |
| CVE-2025-12563 | WordPress Social Media Auto Post & Scheduler Plugin Vulnerability | MEDIUM | 4.3 | 40d | Unpatched |
| CVE-2025-12677 | KiotViet Sync Plugin Vulnerability | MEDIUM | 5.3 | 41d | Unpatched |
| CVE-2025-12675 | KiotViet Sync Plugin Vulnerability | MEDIUM | 4.3 | 41d | Unpatched |
| CVE-2025-11373 | Depicter Popup and Slider Builder Vulnerability | MEDIUM | 4.3 | 41d | Unpatched |
| CVE-2025-11917 | WPeMatico RSS Feed Fetcher Plugin Vulnerability | MEDIUM | 6.4 | 41d | Unpatched |
| CVE-2025-11745 | Ad Inserter Vulnerability | MEDIUM | 6.4 | 41d | Unpatched |
| CVE-2025-12388 | B Carousel Block – Responsive Image and Content Carousel plugin vulnerability | MEDIUM | 6.4 | 41d | Unpatched |
| CVE-2025-12582 | WordPress Features Plugin Vulnerability | MEDIUM | 4.3 | 41d | Unpatched |