Automattic
Security Scorecard
Score
67C
Total CVEs
214
Patch Rate
47%
101 patched
Avg Response
40d
days to patch
Critical Gaps
0
exploitable, no detection
Severity Breakdown
Critical10
High29
Medium175
Low0
Patch Status
Patched101 (47%)
Partial/Workaround1 (0%)
Unpatched112 (52%)
CVEs (273)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2026-0635 | Responsive Accordion Slider Plugin Vulnerability | Medium | 4.3 | - | Patched |
| CVE-2026-0678 | WooCommerce Flat Shipping Rate by City Vulnerability | Medium | 4.9 | - | Patched |
| CVE-2026-0680 | Real Post Slider Lite Plugin Vulnerability | Medium | 4.4 | - | Workaround |
| CVE-2026-0717 | CVE-2026-0717 | Medium | 5.3 | - | Patched |
| CVE-2020-36919 | WPForms Cross-Site Scripting Vulnerability | Medium | 6.1 | - | Patched |
| CVE-2025-14943 | CVE-2025-14943 | Medium | 4.3 | - | Patched |
| CVE-2025-13749 | Clearfy Cache Vulnerability | Medium | 4.3 | - | Patched |
| CVE-2026-0627 | AMP for WP Plugin Vulnerability | Medium | 6.4 | - | Patched |
| CVE-2025-13679 | Tutor LMS Plugin Vulnerability | Medium | 6.5 | - | Patched |
| CVE-2026-22518 | PencilWP X Addons for Elementor XSS Vulnerability | Medium | 6.5 | - | Patched |