WordPress.org
Security Scorecard
Score
21F
Total CVEs
527
Patch Rate
2%
8 patched
Avg Response
-
days to patch
Critical Gaps
9
exploitable, no detection
Severity Breakdown
Critical6
High36
Medium483
Low2
Patch Status
Patched8 (2%)
Partial/Workaround0 (0%)
Unpatched519 (98%)
CVEs (619)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-9216 | StoreEngine Vulnerability | HIGH | 8.8 | 91d | Unpatched |
| CVE-2025-8999 | Sydney Theme Vulnerability | MEDIUM | 5.3 | 91d | Unpatched |
| CVE-2025-10042 | Quiz Maker SQL Injection | MEDIUM | 5.9 | 93d | Unpatched |
| CVE-2025-9880 | Side Slide Responsive Menu Plugin Vulnerability | MEDIUM | 6.1 | 95d | Unpatched |
| CVE-2025-9807 | WordPress Plugin SQL Injection | HIGH | 7.5 | 95d | Unpatched |
| CVE-2025-9860 | Mixtape Plugin Vulnerability | MEDIUM | 6.4 | 96d | Unpatched |
| CVE-2025-9855 | BibliPlug Vulnerability | MEDIUM | 6.4 | 96d | Unpatched |
| CVE-2025-9776 | WordPress Media Library by Category Plugin Vulnerability | MEDIUM | 6.5 | 96d | Unpatched |
| CVE-2025-9693 | User Meta – User Profile Builder and User management plugin vulnerability | HIGH | 8.0 | 96d | Unpatched |
| CVE-2025-9635 | WordPress Analytics Unbounce Plugin Bounce Rate Reduction | MEDIUM | 4.3 | 96d | Unpatched |