Automattic
Security Scorecard
Score
68C
Total CVEs
221
Patch Rate
49%
108 patched
Avg Response
40d
days to patch
Critical Gaps
0
exploitable, no detection
Severity Breakdown
Critical10
High30
Medium181
Low0
Patch Status
Patched108 (49%)
Partial/Workaround1 (0%)
Unpatched112 (51%)
CVEs (273)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-14434 | Ultimate Post Kit Addons Vulnerability | N/A | - | 2d | Unpatched |
| CVE-2023-52212 | WP Job Manager XSS | N/A | - | - | Patched |
| CVE-2025-14163 | Elementor Premium Addons Cross-Site Request Forgery | N/A | - | - | Patched |
| CVE-2025-13746 | ForumWP Vulnerability | N/A | - | - | Patched |
| CVE-2025-14120 | Wordpress Plugin XSS | N/A | - | - | Patched |
| CVE-2025-14441 | Popupkit Plugin Vulnerability | N/A | - | - | Patched |
| CVE-2025-30631 | Woocommerce Sales Funnel Builder Plugin XSS | N/A | - | - | Patched |
| CVE-2025-11877 | WordPress Plugin XSS | N/A | - | - | Patched |
| CVE-2025-12648 | WP-Members Plugin Vulnerability | N/A | - | - | Patched |
| CVE-2025-13520 | MTCaptcha WordPress Plugin XSS | N/A | - | - | Patched |