Automattic (the company behind WordPress)
Security Scorecard
Score
52F
Total CVEs
5
Patch Rate
0%
0 patched
Avg Response
-
days to patch
Critical Gaps
0
exploitable, no detection
Severity Breakdown
Critical0
High1
Medium4
Low0
Patch Status
Patched0 (0%)
Partial/Workaround1 (20%)
Unpatched4 (80%)
CVEs (8)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-9082 | WPBITS Addons For Elementor Plugin Vulnerability | Medium | 6.4 | - | Workaround |
| CVE-2025-14071 | Live Composer – Free WordPress Website Builder Plugin Vulnerability | High | 7.5 | 32d | Unpatched |
| CVE-2025-13534 | - | Medium | 6.3 | 12d | Unpatched |
| CVE-2025-11427 | - | Medium | 5.8 | 27d | Unpatched |
| CVE-2025-49908 | WPC Countdown Timer for WooCommerce XSS | Medium | 6.5 | 90d | Unpatched |
| CVE-2025-14387 | - | N/A | - | 0d | Unpatched |
| CVE-2025-12077 | - | N/A | - | 2d | Unpatched |
| CVE-2025-68993 | XforWooCommerce Share, Print and PDF Products Vulnerability | N/A | - | 22d | Unpatched |