Automattic (WordPress)
Security Scorecard
Score
71C
Total CVEs
78
Patch Rate
51%
40 patched
Avg Response
-
days to patch
Critical Gaps
0
exploitable, no detection
Severity Breakdown
Critical2
High14
Medium62
Low0
Patch Status
Patched40 (51%)
Partial/Workaround0 (0%)
Unpatched38 (49%)
CVEs (100)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-11268 | - | Medium | 4.3 | 40d | Unpatched |
| CVE-2025-54722 | WooTour XSS | High | 7.1 | 76d | Unpatched |
| CVE-2025-60248 | PHP Remote File Inclusion Vulnerability in WPC Product Options for WooCommerce | High | 7.5 | 76d | Unpatched |
| CVE-2025-11835 | - | Medium | 5.3 | 41d | Unpatched |
| CVE-2025-12402 | - | Medium | 6.1 | 42d | Unpatched |
| CVE-2025-11841 | - | Medium | 6.4 | 42d | Unpatched |
| CVE-2025-12367 | - | Medium | 4.3 | 45d | Unpatched |
| CVE-2025-11816 | - | Medium | 5.3 | 45d | Unpatched |
| CVE-2025-10579 | - | Medium | 5.3 | 55d | Unpatched |
| CVE-2025-10748 | - | Medium | 6.5 | 56d | Unpatched |