WordPress.org

Security Scorecard

Score

29C

Total CVEs

540

Patch Rate

20%

106 patched

Avg Response

43d

days to patch

Critical Gaps

9

exploitable, no detection

Severity Breakdown

Critical9
High40
Medium489
Low2

Patch Status

Patched106 (20%)
Partial/Workaround0 (0%)
Unpatched434 (80%)

CVEs (632)

CVE IDTitleSeverityScoreDaysPatch
CVE-2025-10138This-or-That Plugin VulnerabilityMEDIUM6.458dUnpatched
CVE-2025-11807Mixlr Shortcode VulnerabilityMEDIUM6.458dUnpatched
CVE-2025-11809WP-Force Images Download Plugin VulnerabilityMEDIUM6.458dUnpatched
CVE-2025-11741WooCommerce Smart Quick View Plugin VulnerabilityMEDIUM5.362dUnpatched
CVE-2025-11510FileBird Media Library Folders & File Manager Plugin VulnerabilityMEDIUM4.362dUnpatched
CVE-2025-11270Gutenberg Essential Blocks VulnerabilityMEDIUM6.462dUnpatched
CVE-2025-11738Media Library Assistant Plugin VulnerabilityMEDIUM5.362dUnpatched
CVE-2025-11857XX2WP Integration Tools Plugin VulnerabilityMEDIUM6.462dUnpatched
CVE-2025-11814WPBakery Plugin XSS VulnerabilityMEDIUM6.465dPatched
CVE-2025-11701Zip Attachments Plugin VulnerabilityMEDIUM5.366dUnpatched