Automattic (WordPress)

Security Scorecard

Score

71C

Total CVEs

78

Patch Rate

51%

40 patched

Avg Response

-

days to patch

Critical Gaps

0

exploitable, no detection

Severity Breakdown

Critical2
High14
Medium62
Low0

Patch Status

Patched40 (51%)
Partial/Workaround0 (0%)
Unpatched38 (49%)

CVEs (100)

CVE IDTitleSeverityScoreDaysPatch
CVE-2026-1298Easy Replace Image Plugin VulnerabilityMedium5.3-Patched
CVE-2026-1310Elementor Simple Calendar VulnerabilityMedium5.3-Patched
CVE-2026-1381WooCommerce Order Minimum/Maximum Amount Limits VulnerabilityMedium4.4-Patched
CVE-2026-1391Vzaar Media Management Plugin XSSMedium5.3-Patched
CVE-2026-1056Snow Monkey Forms Plugin VulnerabilityCritical9.8-Patched
CVE-2026-1076Wordpress Plugin XSSMedium4.3-Patched
CVE-2026-0687Meta-box GalleryMeta Plugin VulnerabilityMedium4.3-Patched
CVE-2026-1127CVE-2026-1127Medium6.1-Patched
CVE-2026-0911CVE-2026-0911High7.5-Patched
CVE-2026-24630Stylish Cost Calculator XSSMedium6.5-Patched