WordPress.org
Security Scorecard
Score
21F
Total CVEs
526
Patch Rate
2%
8 patched
Avg Response
-
days to patch
Critical Gaps
9
exploitable, no detection
Severity Breakdown
Critical6
High35
Medium483
Low2
Patch Status
Patched8 (2%)
Partial/Workaround0 (0%)
Unpatched518 (98%)
CVEs (618)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-67912 | Stars Testimonials Cross-site Scripting Vulnerability | MEDIUM | 6.5 | 0d | Unpatched |
| CVE-2025-13891 | Modula Gallery Photo Grid & Video Gallery Plugin Vulnerability | MEDIUM | 6.5 | 2d | Unpatched |
| CVE-2025-13839 | WordPress LJUsers Plugin Vulnerability | MEDIUM | 6.4 | 2d | Unpatched |
| CVE-2025-13747 | NewStatPress Plugin Vulnerability | MEDIUM | 6.4 | 2d | Unpatched |
| CVE-2025-13843 | VigLink SpotLight By ShortCode Vulnerability | MEDIUM | 6.4 | 2d | Unpatched |
| CVE-2025-13846 | Easy Map Creator Plugin Vulnerability | MEDIUM | 6.4 | 2d | Unpatched |
| CVE-2025-13850 | LS Google Map Router Plugin Vulnerability | MEDIUM | 6.4 | 2d | Unpatched |
| CVE-2025-13884 | WordPress Hide Email Address Plugin Vulnerability | MEDIUM | 6.4 | 2d | Unpatched |
| CVE-2025-13885 | Zenost Shortcodes Vulnerability | MEDIUM | 6.4 | 2d | Unpatched |
| CVE-2025-13889 | Simple Nivo Slider Cross-Site Scripting Vulnerability | MEDIUM | 6.4 | 2d | Unpatched |