Craft CMS
Security Scorecard
Score
100A
Total CVEs
5
Patch Rate
100%
5 patched
Avg Response
-
days to patch
Critical Gaps
0
exploitable, no detection
Severity Breakdown
Critical1
High2
Medium2
Low0
Patch Status
Patched5 (100%)
Partial/Workaround0 (0%)
Unpatched0 (0%)
CVEs (5)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-68538 | Craft Coffee Shop Cafe Restaurant WordPress Theme Cross-site Scripting Vulnerability | High | 7.1 | - | Patched |
| CVE-2025-68456 | Craft CMS Database Backup Vulnerability | Critical | 9.1 | - | Patched |
| CVE-2025-68454 | Craft CMS Twig SSTI Vulnerability | High | 8.8 | - | Patched |
| CVE-2025-68436 | Craft CMS Image Exposure Vulnerability | Medium | 6.5 | - | Patched |
| CVE-2025-68437 | Craft CMS SSRF Vulnerability | Medium | 6.8 | - | Patched |