WordPress.org
Security Scorecard
Score
21F
Total CVEs
526
Patch Rate
2%
8 patched
Avg Response
-
days to patch
Critical Gaps
9
exploitable, no detection
Severity Breakdown
Critical6
High35
Medium483
Low2
Patch Status
Patched8 (2%)
Partial/Workaround0 (0%)
Unpatched518 (98%)
CVEs (618)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-64639 | WP Compress WP Compress MainWP Exploit | N/A | - | 0d | Unpatched |
| CVE-2025-67950 | SQL Injection in All In One SEO Pack | N/A | - | 0d | Unpatched |
| CVE-2025-67962 | AIOSEO Plugin Team Broken Link Checker SQL Injection | N/A | - | 0d | Unpatched |
| CVE-2025-13861 | WordPress Forms Plugin Vulnerability | N/A | - | 0d | Unpatched |
| CVE-2025-64247 | Edmon.parker Read More & Accordion Plugin Vulnerability | N/A | - | 1d | Unpatched |
| CVE-2025-64241 | WP Coupons and Deals Vulnerability | N/A | - | 1d | Unpatched |
| CVE-2025-13217 | WordPress Ultimate Member Plugin Vulnerability | N/A | - | 0d | Unpatched |
| CVE-2025-12885 | WordPress Embed Any Document Plugin Vulnerability | N/A | - | 0d | Unpatched |
| CVE-2025-12976 | WordPress Events Manager Plugin Vulnerability | N/A | - | 0d | Unpatched |
| CVE-2025-13498 | Download Manager Plugin Vulnerability | N/A | - | 0d | Unpatched |