WordPress.org
Security Scorecard
Score
29C
Total CVEs
540
Patch Rate
20%
106 patched
Avg Response
43d
days to patch
Critical Gaps
9
exploitable, no detection
Severity Breakdown
Critical9
High40
Medium489
Low2
Patch Status
Patched106 (20%)
Partial/Workaround0 (0%)
Unpatched434 (80%)
CVEs (632)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-11162 | WordPress Gutenberg Block Editor Vulnerability | MEDIUM | 6.4 | 41d | Unpatched |
| CVE-2025-12580 | SMS for WordPress Plugin Vulnerability | MEDIUM | 6.1 | 41d | Unpatched |
| CVE-2025-12452 | Visit Counter Cross-Site Request Forgery | MEDIUM | 6.1 | 42d | Unpatched |
| CVE-2025-12400 | LMB^Box Smileys Plugin Vulnerability | MEDIUM | 6.1 | 42d | Unpatched |
| CVE-2025-12157 | WordPress Simple User Capabilities Plugin Vulnerability | MEDIUM | 5.3 | 42d | Unpatched |
| CVE-2025-12410 | SH Contextual Help Plugin Vulnerability | MEDIUM | 6.1 | 42d | Unpatched |
| CVE-2025-12065 | WP Carticon Plugin Vulnerability | MEDIUM | 4.4 | 42d | Unpatched |
| CVE-2025-12415 | MapMap Plugin Vulnerability | MEDIUM | 6.1 | 42d | Unpatched |
| CVE-2025-12403 | WordPress Associados Amazon Plugin Vulnerability | MEDIUM | 6.1 | 42d | Unpatched |
| CVE-2025-12389 | Import Export For WooCommerce Plugin Vulnerability | MEDIUM | 4.3 | 42d | Unpatched |