WordPress.org
Security Scorecard
Score
21F
Total CVEs
527
Patch Rate
2%
8 patched
Avg Response
-
days to patch
Critical Gaps
9
exploitable, no detection
Severity Breakdown
Critical6
High36
Medium483
Low2
Patch Status
Patched8 (2%)
Partial/Workaround0 (0%)
Unpatched519 (98%)
CVEs (619)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-9633 | LH Signing Plugin Vulnerability | MEDIUM | 4.3 | 96d | Unpatched |
| CVE-2025-9634 | Plugin Update Blocker Vulnerability | MEDIUM | 4.3 | 96d | Unpatched |
| CVE-2025-9632 | PhpList Subber Plugin Vulnerability | MEDIUM | 4.3 | 96d | Unpatched |
| CVE-2025-9627 | Run Log Plugin Vulnerability | MEDIUM | 4.3 | 96d | Unpatched |
| CVE-2025-9631 | AutoCatSet Plugin Vulnerability | MEDIUM | 4.3 | 96d | Unpatched |
| CVE-2025-9620 | Seo Monster Plugin Vulnerability | MEDIUM | 6.1 | 96d | Unpatched |
| CVE-2025-9623 | Admin in English with Switch Vulnerability | MEDIUM | 4.3 | 96d | Unpatched |
| CVE-2025-9617 | WordPress Publish Approval Plugin Vulnerability | MEDIUM | 5.3 | 96d | Unpatched |
| CVE-2025-9451 | Smartcat Translator WPML Plugin Vulnerability | MEDIUM | 6.5 | 96d | Unpatched |
| CVE-2025-9128 | Smart ID | MEDIUM | 6.4 | 97d | Unpatched |