WordPress.org
Security Scorecard
Score
21F
Total CVEs
535
Patch Rate
2%
8 patched
Avg Response
-
days to patch
Critical Gaps
9
exploitable, no detection
Severity Breakdown
Critical6
High36
Medium483
Low2
Patch Status
Patched8 (1%)
Partial/Workaround0 (0%)
Unpatched527 (99%)
CVEs (627)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-9952 | Trinity Audio TTS Plugin Vulnerability | MEDIUM | 6.1 | 71d | Unpatched |
| CVE-2025-9030 | Majestic Before After Image Vulnerability | MEDIUM | 5.4 | 74d | Unpatched |
| CVE-2025-8726 | WP Photo Album Plus Cross-Site Scripting Vulnerability | MEDIUM | 5.4 | 77d | Unpatched |
| CVE-2025-11228 | GiveWP Donation Plugin Vulnerability | MEDIUM | 5.3 | - | Patched |
| CVE-2025-9945 | Optimize More! CSS Plugin Vulnerability | MEDIUM | 4.3 | 72d | Unpatched |
| CVE-2025-9895 | Notification Bar Plugin Vulnerability | MEDIUM | 4.3 | 74d | Unpatched |
| CVE-2025-9889 | ContentMX Content Publisher Plugin Vulnerability | MEDIUM | 4.3 | 74d | Unpatched |
| CVE-2025-9885 | MPWizard Payment Link Plugin Vulnerability | MEDIUM | 4.3 | 74d | Unpatched |
| CVE-2025-9884 | Mobile Site Redirect Vulnerability | MEDIUM | 6.1 | 74d | Unpatched |
| CVE-2025-9876 | Ird Slider Plugin Vulnerability | MEDIUM | 6.4 | 74d | Unpatched |