WordPress.org

Security Scorecard

Score

29C

Total CVEs

540

Patch Rate

20%

106 patched

Avg Response

43d

days to patch

Critical Gaps

9

exploitable, no detection

Severity Breakdown

Critical9

High40

Medium489

Low2

Patch Status

Patched106 (20%)

Partial/Workaround0 (0%)

Unpatched434 (80%)

CVEs (632)

CVE ID	Title	Severity	Score	Days	Patch
CVE-2025-58918	Entrada Theme CSRF Vulnerability	MEDIUM	4.3	53d	Patched
CVE-2025-62972	WPWebinarSystem WebinarPress Vulnerability	MEDIUM	4.3	53d	Patched
CVE-2025-62951	H5P Cross-site Scripting Vulnerability	MEDIUM	6.5	53d	Patched
CVE-2025-62937	Cross-site Scripting in Post List Featured Image Plugin	MEDIUM	5.4	53d	Patched
CVE-2025-62900	Cross-site Scripting in Popular Posts by Webline	MEDIUM	5.4	53d	Patched
CVE-2025-62905	Query Posts Cross-site Scripting	MEDIUM	5.4	53d	Patched
CVE-2025-62899	THRIVE - Web Design Gold Coast Photospace Responsive photospace-responsive	MEDIUM	5.4	53d	Patched
CVE-2025-62904	WP Geo XSS Vulnerability	MEDIUM	5.4	53d	Patched
CVE-2025-62930	MapSVG XSS Vulnerability	MEDIUM	6.1	53d	Patched
CVE-2025-62898	Cross-site Scripting in Links Shortcode Plugin	MEDIUM	5.4	53d	Patched