WordPress.org

Security Scorecard

Score

21F

Total CVEs

540

Patch Rate

2%

8 patched

Avg Response

-

days to patch

Critical Gaps

9

exploitable, no detection

Severity Breakdown

Critical9
High40
Medium489
Low2

Patch Status

Patched8 (1%)
Partial/Workaround0 (0%)
Unpatched532 (99%)

CVEs (632)

CVE IDTitleSeverityScoreDaysPatch
CVE-2025-10194Wordfence WordPress Plugin VulnerabilityMEDIUM6.466dUnpatched
CVE-2025-10486Wordpress Content Writer Plugin VulnerabilityMEDIUM5.366dUnpatched
CVE-2025-10186WordPress WhyDonate Plugin VulnerabilityMEDIUM5.366dUnpatched
CVE-2025-11196WordPress External Login Plugin VulnerabilityMEDIUM4.366dUnpatched
CVE-2025-11161WPBakery Page Builder VulnerabilityMEDIUM6.466dUnpatched
CVE-2025-10045onOffice WP-Websites Plugin VulnerabilityMEDIUM4.966dUnpatched
CVE-2025-10056Task Scheduler Plugin VulnerabilityMEDIUM4.466dUnpatched
CVE-2025-10038Binary MLM Plan VulnerabilityMEDIUM6.566dUnpatched
CVE-2025-10357Simple SEO WordPress Plugin VulnerabilityMEDIUM6.167dUnpatched
CVE-2025-9947Custom 404 Pro SQL InjectionMEDIUM4.964dUnpatched