WordPress.org
Security Scorecard
Score
21F
Total CVEs
527
Patch Rate
2%
8 patched
Avg Response
-
days to patch
Critical Gaps
9
exploitable, no detection
Severity Breakdown
Critical6
High36
Medium483
Low2
Patch Status
Patched8 (2%)
Partial/Workaround0 (0%)
Unpatched519 (98%)
CVEs (619)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-9073 | SQL Injection in All in One Minifier plugin | HIGH | 7.5 | 97d | Unpatched |
| CVE-2025-9034 | Wp Edit Password Protected Vulnerability | MEDIUM | 6.1 | 97d | Unpatched |
| CVE-2025-9979 | Maspik Plugin Vulnerability | MEDIUM | 4.3 | 95d | Unpatched |
| CVE-2025-9888 | Maspik – Ultimate Spam Protection Plugin Vulnerability | MEDIUM | 4.3 | 97d | Unpatched |
| CVE-2025-9622 | WP Blast | SEO & Performance Booster Plugin Vulnerability | MEDIUM | 4.3 | 97d | Unpatched |
| CVE-2025-9489 | WP-Members Plugin Vulnerability | MEDIUM | 5.0 | 98d | Unpatched |
| CVE-2025-9111 | AI ChatBot Vulnerability | LOW | 3.5 | 99d | Unpatched |
| CVE-2025-9058 | Mikado Core Plugin Vulnerability | MEDIUM | 6.4 | 99d | Unpatched |
| CVE-2025-9853 | Optio Dentistry WordPress Plugin Vulnerability | MEDIUM | 6.4 | 101d | Unpatched |
| CVE-2025-9515 | Multi Step Form Plugin Vulnerability | HIGH | 7.2 | 101d | Unpatched |