Automattic
Security Scorecard
Score
68C
Total CVEs
221
Patch Rate
49%
108 patched
Avg Response
40d
days to patch
Critical Gaps
0
exploitable, no detection
Severity Breakdown
Critical10
High30
Medium181
Low0
Patch Status
Patched108 (49%)
Partial/Workaround1 (0%)
Unpatched112 (51%)
CVEs (273)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-39589 | WPDeveloper Essential Addons for Elementor XSS | Medium | 4.3 | - | Patched |
| CVE-2025-39590 | WPDeveloper Essential Addons Cross-site Scripting Vulnerability | Medium | 6.5 | - | Patched |
| CVE-2025-22644 | Vayu Blocks Vulnerability | Medium | 6.5 | 288d | Unpatched |
| CVE-2024-12877 | - | Critical | 9.8 | - | Patched |
| CVE-2024-54383 | WooCommerce PDF Vouchers Plugin Vulnerability | Critical | 9.8 | - | Patched |
| CVE-2024-10924 | Really Simple Security Vulnerability | Critical | 9.8 | - | Patched |
| CVE-2024-3406 | WP Plugin XSS | High | 8.8 | - | Patched |
| CVE-2023-47774 | Clickjacking in Jetpack WordPress Plugin | Medium | 5.4 | - | Patched |
| CVE-2024-31428 | Rara Theme CSRF Vulnerability | Medium | 4.3 | - | Patched |
| CVE-2022-3539 | Testimonials WordPress Plugin Vulnerability | Medium | 4.8 | - | Patched |