WordPress.org

Security Scorecard

Score

21F

Total CVEs

526

Patch Rate

2%

8 patched

Avg Response

-

days to patch

Critical Gaps

9

exploitable, no detection

Severity Breakdown

Critical6

High35

Medium483

Low2

Patch Status

Patched8 (2%)

Partial/Workaround0 (0%)

Unpatched518 (98%)

CVEs (618)

CVE ID	Title	Severity	Score	Days	Patch
CVE-2025-14165	Kirim Email WooCommerce Integration Plugin Vulnerability	MEDIUM	4.3	2d	Unpatched
CVE-2025-14391	Cross-Site Request Forgery in Simple Theme Changer Plugin	MEDIUM	4.3	2d	Unpatched
CVE-2025-14392	Simple Theme Changer Plugin Vulnerability	MEDIUM	4.3	2d	Unpatched
CVE-2025-12407	WP Events Manager Cross-Site Request Forgery Vulnerability	MEDIUM	4.3	2d	Unpatched
CVE-2025-10583	WP Fastest Cache Plugin Vulnerability	LOW	3.5	6d	Unpatched
CVE-2025-14293	WP Job Portal Plugin Vulnerability	MEDIUM	6.5	3d	Unpatched
CVE-2025-9436	Widgets for Google Reviews Plugin Vulnerability	MEDIUM	6.4	3d	Unpatched
CVE-2025-13677	Wordpress Simple Download Counter Path Traversal	MEDIUM	4.9	4d	Unpatched
CVE-2025-63037	Ronneby Theme Core XSS	MEDIUM	6.5	5d	Unpatched
CVE-2025-63061	Kallyas XSS	MEDIUM	6.5	5d	Unpatched