WordPress.org

Security Scorecard

Score

21F

Total CVEs

529

Patch Rate

2%

8 patched

Avg Response

-

days to patch

Critical Gaps

9

exploitable, no detection

Severity Breakdown

Critical6

High36

Medium483

Low2

Patch Status

Patched8 (2%)

Partial/Workaround0 (0%)

Unpatched521 (98%)

CVEs (621)

CVE ID	Title	Severity	Score	Days	Patch
CVE-2025-9944	Wordfence WordPress Plugin Vulnerability	MEDIUM	4.3	78d	Unpatched
CVE-2025-9894	Feedly Sync Plugin Vulnerability	MEDIUM	4.3	80d	Unpatched
CVE-2025-9893	VM Menu Reorder Plugin Vulnerability	MEDIUM	4.3	80d	Unpatched
CVE-2025-9896	HidePost Cross-Site Request Forgery	MEDIUM	4.3	80d	Unpatched
CVE-2025-9490	Popup Maker Plugin Vulnerability	MEDIUM	6.4	81d	Unpatched
CVE-2025-9044	Mapster WP Maps Plugin Vulnerability	MEDIUM	6.4	82d	Unpatched
CVE-2025-9353	Themify Builder Plugin Vulnerability	MEDIUM	6.4	84d	Unpatched
CVE-2025-9487	ASE WordPress Plugin Vulnerability	MEDIUM	4.7	85d	Unpatched
CVE-2025-9949	Cross-Site Request Forgery in SEO Automated Link Building Plugin	MEDIUM	4.3	85d	Unpatched
CVE-2025-9882	WP Bridge Cross-Site Request Forgery	MEDIUM	6.1	87d	Unpatched