Automattic
Security Scorecard
Score
68C
Total CVEs
221
Patch Rate
49%
108 patched
Avg Response
40d
days to patch
Critical Gaps
0
exploitable, no detection
Severity Breakdown
Critical10
High30
Medium181
Low0
Patch Status
Patched108 (49%)
Partial/Workaround1 (0%)
Unpatched112 (51%)
CVEs (273)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-13527 | WordPress Plugin XSS | N/A | - | - | Patched |
| CVE-2025-13841 | Smart App Banners Plugin XSS | N/A | - | - | Patched |
| CVE-2025-14059 | EmailKit Plugin WordPress XSS | N/A | - | - | Patched |
| CVE-2025-14144 | Mstoic Shortcodes Plugin XSS | N/A | - | - | Patched |
| CVE-2025-14802 | LearnPress WordPress LMS Plugin Vulnerability | N/A | - | 0d | Unpatched |
| CVE-2025-69092 | WPDeveloper Essential Addons for Elementor XSS | N/A | - | 9d | Unpatched |
| CVE-2025-14574 | WeDocs Plugin Vulnerability | N/A | - | - | Patched |
| CVE-2025-14718 | WordPress Plugin XSS | N/A | - | - | Patched |
| CVE-2025-15019 | BIALTY - Bulk Image Alt Text with Yoast SEO + WooCommerce Plugin XSS | N/A | - | - | Patched |
| CVE-2025-13628 | Tutor LMS Plugin Vulnerability | N/A | - | - | Patched |