WordPress.org
Security Scorecard
Score
21F
Total CVEs
529
Patch Rate
2%
8 patched
Avg Response
-
days to patch
Critical Gaps
9
exploitable, no detection
Severity Breakdown
Critical6
High36
Medium483
Low2
Patch Status
Patched8 (2%)
Partial/Workaround0 (0%)
Unpatched521 (98%)
CVEs (621)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-9130 | Unify Plugin Vulnerability | MEDIUM | 6.4 | 75d | Unpatched |
| CVE-2025-8776 | Epic Bootstrap Buttons Plugin Vulnerability | MEDIUM | 6.4 | 78d | Unpatched |
| CVE-2025-10212 | SiteAlert Vulnerability | MEDIUM | 5.3 | 78d | Unpatched |
| CVE-2025-10302 | Ultimate Viral Quiz Plugin Vulnerability | MEDIUM | 4.3 | 78d | Unpatched |
| CVE-2025-9587 | WordPress Plugin Vulnerability | HIGH | 8.6 | 75d | Unpatched |
| CVE-2025-9075 | ZoloBlocks Vulnerability | MEDIUM | 6.4 | 77d | Unpatched |
| CVE-2025-10735 | Block For Mailchimp Vulnerability | MEDIUM | 4.0 | 81d | Unpatched |
| CVE-2025-9991 | Tiny Bootstrap Elements Light Plugin Vulnerability | HIGH | 8.1 | 75d | Unpatched |
| CVE-2025-9946 | LockerPress Vulnerability | MEDIUM | 6.1 | 75d | Unpatched |
| CVE-2025-9852 | Momoyoga Shortcode Vulnerability | MEDIUM | 6.4 | 77d | Unpatched |