Automattic (WordPress)

Security Scorecard

Score

71C

Total CVEs

78

Patch Rate

51%

40 patched

Avg Response

-

days to patch

Critical Gaps

0

exploitable, no detection

Severity Breakdown

Critical2
High14
Medium62
Low0

Patch Status

Patched40 (51%)
Partial/Workaround0 (0%)
Unpatched38 (49%)

CVEs (100)

CVE IDTitleSeverityScoreDaysPatch
CVE-2026-0939WooCommerce Rede Itaú Plugin VulnerabilityMedium5.3-Patched
CVE-2026-0942WooCommerce Rede Order Logs VulnerabilityMedium5.3-Patched
CVE-2026-1003CVE-2026-1003Medium4.3-Patched
CVE-2026-0812LinkedIn SC Plugin VulnerabilityMedium4.4-Patched
CVE-2025-9294CVE-2025-9294Medium4.3-Patched
CVE-2025-9318QSM SQL Injection VulnerabilityMedium6.5-Patched
CVE-2025-14428My Sticky Elements Plugin VulnerabilityMedium4.30dUnpatched
CVE-2025-68494Leap13 Premium Addons for Elementor VulnerabilityHigh7.5-Patched
CVE-2025-13334WordPress Plugin XSSHigh8.1-Patched
CVE-2025-14119CVE-2025-14119Medium6.4-Patched