WordPress.org
Security Scorecard
Score
21F
Total CVEs
540
Patch Rate
2%
8 patched
Avg Response
-
days to patch
Critical Gaps
9
exploitable, no detection
Severity Breakdown
Critical9
High40
Medium489
Low2
Patch Status
Patched8 (1%)
Partial/Workaround0 (0%)
Unpatched532 (99%)
CVEs (632)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-11728 | Oceanpayment CreditCard Gateway Plugin Vulnerability | MEDIUM | 5.3 | 66d | Unpatched |
| CVE-2025-10301 | FunKiTools Plugin Vulnerability | MEDIUM | 4.3 | 66d | Unpatched |
| CVE-2025-10300 | TopBar Plugin Vulnerability | MEDIUM | 4.3 | 66d | Unpatched |
| CVE-2025-10141 | Digiseller Plugin Vulnerability | MEDIUM | 6.4 | 66d | Unpatched |
| CVE-2025-10135 | WP ViewSTL Plugin Vulnerability | MEDIUM | 6.4 | 66d | Unpatched |
| CVE-2025-10140 | Quick Social Login Vulnerability | MEDIUM | 6.4 | 66d | Unpatched |
| CVE-2025-10303 | WordPress Plugin Vulnerability | MEDIUM | 4.3 | 66d | Unpatched |
| CVE-2025-10133 | URLYar URL Shortner Plugin Vulnerability | MEDIUM | 6.4 | 66d | Unpatched |
| CVE-2025-10660 | WP Dashboard Chat Plugin Vulnerability | MEDIUM | 6.5 | 66d | Unpatched |
| CVE-2025-10682 | TARIFFUXX SQL Injection | MEDIUM | 6.5 | 66d | Unpatched |