Automattic (WordPress)
Security Scorecard
Score
71C
Total CVEs
78
Patch Rate
51%
40 patched
Avg Response
-
days to patch
Critical Gaps
0
exploitable, no detection
Severity Breakdown
Critical2
High14
Medium62
Low0
Patch Status
Patched40 (51%)
Partial/Workaround0 (0%)
Unpatched38 (49%)
CVEs (100)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-14170 | Vimeo SimpleGallery Plugin XSS | Medium | 5.3 | - | Patched |
| CVE-2025-12348 | Icegram Express Vulnerability | Medium | 5.3 | - | Patched |
| CVE-2025-11467 | Feedzy RSS Aggregator Vulnerability | Medium | 5.8 | - | Patched |
| CVE-2025-67533 | Themify Portfolio Post XSS | Medium | 6.5 | - | Patched |
| CVE-2025-63067 | Porto Theme Functionality Plugin Vulnerability | Medium | 4.3 | - | Patched |
| CVE-2025-67588 | Elementor Website Builder Plugin XSS | Medium | 4.3 | - | Patched |
| CVE-2025-12505 | WeDocs Plugin XSS | Medium | 5.4 | - | Patched |
| CVE-2025-12093 | Voidek Employee Portal Plugin Vulnerability | Medium | 5.3 | - | Patched |
| CVE-2025-12189 | Bread & Butter Vulnerability | Medium | 4.3 | - | Patched |
| CVE-2025-13090 | - | Medium | 4.9 | 12d | Unpatched |