WordPress.org
Security Scorecard
Score
21F
Total CVEs
526
Patch Rate
2%
8 patched
Avg Response
-
days to patch
Critical Gaps
9
exploitable, no detection
Severity Breakdown
Critical6
High35
Medium483
Low2
Patch Status
Patched8 (2%)
Partial/Workaround0 (0%)
Unpatched518 (98%)
CVEs (618)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-9207 | TI WooCommerce Wishlist Plugin Vulnerability | N/A | - | 2d | Unpatched |
| CVE-2025-9488 | Redux Framework Plugin Vulnerability | N/A | - | 2d | Unpatched |
| CVE-2025-9856 | Popup Builder Vulnerability | N/A | - | 2d | Unpatched |
| CVE-2025-9873 | a3 Lazy Load Vulnerability | N/A | - | 2d | Unpatched |
| CVE-2025-12809 | CVE-2025-12809 | N/A | - | 0d | Unpatched |
| CVE-2025-13794 | Auto Post Thumbnail Plugin Vulnerability | N/A | - | 0d | Unpatched |
| CVE-2025-11991 | JetFormBuilder Plugin Vulnerability | N/A | - | 0d | Unpatched |
| CVE-2025-13439 | Fancy Product Designer Plugin Vulnerability | N/A | - | 0d | Unpatched |
| CVE-2025-13231 | Fancy Product Designer SSRF Vulnerability | N/A | - | 0d | Unpatched |
| CVE-2025-13741 | Post Expirator Vulnerability | N/A | - | 0d | Unpatched |