Automattic (WordPress)
Security Scorecard
Score
71C
Total CVEs
78
Patch Rate
51%
40 patched
Avg Response
-
days to patch
Critical Gaps
0
exploitable, no detection
Severity Breakdown
Critical2
High14
Medium62
Low0
Patch Status
Patched40 (51%)
Partial/Workaround0 (0%)
Unpatched38 (49%)
CVEs (100)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-49929 | Ultimate Blocks XSS Vulnerability | Medium | 6.5 | 90d | Unpatched |
| CVE-2025-9984 | - | Medium | 5.3 | 79d | Unpatched |
| CVE-2025-9887 | - | Medium | 4.3 | 87d | Unpatched |
| CVE-2025-9849 | - | Medium | 5.3 | 101d | Unpatched |
| CVE-2025-9048 | - | High | 8.1 | 116d | Unpatched |
| CVE-2024-30197 | Church Admin Plugin XSS | Medium | 6.5 | - | Patched |
| CVE-2024-27189 | WP Social Widget XSS | Medium | 6.5 | - | Patched |
| CVE-2021-24713 | Video Lessons Manager Plugin XSS | Medium | 4.8 | - | Patched |
| CVE-2025-0969 | - | N/A | - | 2d | Unpatched |
| CVE-2025-13089 | - | N/A | - | 2d | Unpatched |