WordPress.org
Security Scorecard
Score
21F
Total CVEs
526
Patch Rate
2%
8 patched
Avg Response
-
days to patch
Critical Gaps
9
exploitable, no detection
Severity Breakdown
Critical6
High35
Medium483
Low2
Patch Status
Patched8 (2%)
Partial/Workaround0 (0%)
Unpatched518 (98%)
CVEs (618)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-67579 | vanquish User Extra Fields wp-user-extra-fields Vulnerability | MEDIUM | 5.3 | 5d | Unpatched |
| CVE-2025-62734 | Media Library Downloader CSRF Vulnerability | MEDIUM | 4.3 | 5d | Unpatched |
| CVE-2025-62866 | Valerio Monti Auto Alt Text Vulnerability | MEDIUM | 4.3 | 5d | Unpatched |
| CVE-2025-62871 | TinyMCE Cross-Site Request Forgery | MEDIUM | 4.3 | 5d | Unpatched |
| CVE-2025-62994 | WP Messiah WP AI CoPilot Vulnerability | MEDIUM | 4.3 | 5d | Unpatched |
| CVE-2025-63067 | Porto Theme Functionality Bypass | MEDIUM | 4.3 | 5d | Unpatched |
| CVE-2025-64257 | My Tickets Vulnerability | MEDIUM | 4.3 | 5d | Unpatched |
| CVE-2025-67470 | Portfolio and Projects Plugin Vulnerability | MEDIUM | 4.3 | 5d | Unpatched |
| CVE-2023-22675 | WP Fast Cache CSRF Vulnerability | MEDIUM | 4.3 | 5d | Unpatched |
| CVE-2025-14246 | Simple Shopping Cart Vulnerability | MEDIUM | 6.3 | 6d | Unpatched |