WordPress.org
Security Scorecard
Score
29C
Total CVEs
540
Patch Rate
20%
106 patched
Avg Response
43d
days to patch
Critical Gaps
9
exploitable, no detection
Severity Breakdown
Critical9
High40
Medium489
Low2
Patch Status
Patched106 (20%)
Partial/Workaround0 (0%)
Unpatched434 (80%)
CVEs (632)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-12416 | WordPress Pagerank Tools Plugin Vulnerability | MEDIUM | 6.1 | 42d | Unpatched |
| CVE-2025-12396 | WordPress Clubmember Plugin Vulnerability | MEDIUM | 4.4 | 42d | Unpatched |
| CVE-2025-12371 | Nari Accountant Plugin Vulnerability | MEDIUM | 4.4 | 42d | Unpatched |
| CVE-2025-12393 | WordPress Free Quotation Plugin Vulnerability | MEDIUM | 4.4 | 42d | Unpatched |
| CVE-2025-12070 | ViaAds Cross-Site Request Forgery | MEDIUM | 4.3 | 42d | Unpatched |
| CVE-2025-12401 | WordPress Label Plugin Vulnerability | MEDIUM | 6.1 | 42d | Unpatched |
| CVE-2025-64294 | WP Snow Effect Broken Access Control Vulnerability | MEDIUM | 5.3 | 43d | Patched |
| CVE-2025-6988 | Kallyas Theme Vulnerability | MEDIUM | 6.4 | 45d | Unpatched |
| CVE-2025-12137 | Import WP Export and Import CSV and XML Files Vulnerability | MEDIUM | 4.9 | 45d | Unpatched |
| CVE-2025-12090 | WordPress Employee Spotlight Team Member Showcase & Meet the Team Plugin Vulnerability | MEDIUM | 6.4 | 45d | Unpatched |