Automattic
Security Scorecard
Score
68C
Total CVEs
221
Patch Rate
49%
108 patched
Avg Response
40d
days to patch
Critical Gaps
0
exploitable, no detection
Severity Breakdown
Critical10
High30
Medium181
Low0
Patch Status
Patched108 (49%)
Partial/Workaround1 (0%)
Unpatched112 (51%)
CVEs (273)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-11997 | - | Medium | 5.3 | 34d | Unpatched |
| CVE-2025-12538 | - | Medium | 4.4 | 34d | Unpatched |
| CVE-2025-11894 | - | Medium | 5.3 | 34d | Unpatched |
| CVE-2025-11822 | - | Medium | 6.4 | 34d | Unpatched |
| CVE-2025-12125 | - | Medium | 4.4 | 38d | Unpatched |
| CVE-2025-12498 | - | Medium | 4.3 | 38d | Unpatched |
| CVE-2025-11271 | - | Medium | 5.3 | 40d | Unpatched |
| CVE-2025-10691 | - | Medium | 4.3 | 40d | Unpatched |
| CVE-2025-48330 | PHP Remote File Inclusion Vulnerability in Gravity Forms | Critical | 9.8 | 76d | Unpatched |
| CVE-2025-49905 | Range Slider Addon for Gravity Forms Cross-site Scripting Vulnerability | Medium | 6.1 | 76d | Unpatched |