Automattic
Security Scorecard
Score
68C
Total CVEs
221
Patch Rate
49%
108 patched
Avg Response
40d
days to patch
Critical Gaps
0
exploitable, no detection
Severity Breakdown
Critical10
High30
Medium181
Low0
Patch Status
Patched108 (49%)
Partial/Workaround1 (0%)
Unpatched112 (51%)
CVEs (273)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-13961 | WordPress Plugin XSS | Medium | 6.4 | - | Patched |
| CVE-2025-13969 | WordPress Plugin XSS | Medium | 6.4 | - | Patched |
| CVE-2025-13972 | WatchTowerHQ Plugin XSS | Medium | 4.9 | - | Patched |
| CVE-2025-14467 | WP Job Portal Plugin XSS | Medium | 4.4 | - | Patched |
| CVE-2025-14158 | Coding Blocks Plugin Vulnerability | Medium | 4.3 | 21d | Unpatched |
| CVE-2025-14160 | Calendly Plugin Vulnerability | Medium | 4.3 | - | Patched |
| CVE-2025-12407 | WordPress Plugin XSS | Medium | 4.3 | - | Patched |
| CVE-2025-14293 | WP Job Portal Plugin XSS | Medium | 6.5 | - | Patched |
| CVE-2025-66531 | Salon Booking System CSRF | High | 8.8 | - | Patched |
| CVE-2025-67536 | ThimPress LearnPress XSS | Medium | 6.5 | - | Patched |