Automattic
Security Scorecard
Score
67C
Total CVEs
214
Patch Rate
47%
101 patched
Avg Response
40d
days to patch
Critical Gaps
0
exploitable, no detection
Severity Breakdown
Critical10
High29
Medium175
Low0
Patch Status
Patched101 (47%)
Partial/Workaround1 (0%)
Unpatched112 (52%)
CVEs (273)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-13920 | CVE-2025-13920 | Medium | 5.3 | - | Patched |
| CVE-2026-0593 | WP Google Maps Plugin XSS | Medium | 5.3 | - | Patched |
| CVE-2025-14069 | Schema & Structured Data for WP & AMP Vulnerability | Medium | 6.4 | - | Patched |
| CVE-2026-0927 | KiviCare Plugin Vulnerability | Medium | 5.3 | - | Patched |
| CVE-2024-11976 | BuddyPress Shortcode Execution Vulnerability | High | 7.3 | - | Patched |
| CVE-2026-0914 | WP DSGVO Tools XSS Vulnerability | Medium | 6.4 | - | Patched |
| CVE-2025-13921 | weDocs AI Powered Knowledge Base Plugin Vulnerability | Medium | 4.3 | - | Patched |
| CVE-2026-24594 | Livemesh Addons for WPBakery Page Builder XSS | Medium | 4.8 | - | Patched |
| CVE-2026-24625 | WooAddonUploads XSS Vulnerability | Medium | 5.3 | - | Patched |
| CVE-2026-24562 | Ryviu Vulnerability | Medium | 5.3 | - | Patched |