WordPress Plugin Directory

Security Scorecard

Score

46C

Total CVEs

21

Patch Rate

24%

5 patched

Avg Response

58d

days to patch

Critical Gaps

1

exploitable, no detection

Severity Breakdown

Critical4

High7

Medium10

Low0

Patch Status

Patched5 (24%)

Partial/Workaround1 (5%)

Unpatched15 (71%)

CVEs (27)

CVE ID	Title	Severity	Score	Days	Patch
CVE-2015-10146	-	Medium	4.9	51d	Unpatched
CVE-2025-62913	CVE-2025-62913	Medium	5.4	85d	Unpatched
CVE-2025-62944	MSTW CSV EXPORTER Vulnerability	Critical	9.8	86d	Unpatched
CVE-2025-10638	-	Medium	5.3	58d	Patched
CVE-2025-49933	CrocoBlock JetBlog XSS	Medium	6.5	90d	Unpatched
CVE-2025-49956	Fade Slider Cross-site Scripting Vulnerability	High	7.1	90d	Unpatched
CVE-2025-52734	ERA404 CropRefine Cross-site Scripting Vulnerability	High	7.3	90d	Unpatched
CVE-2025-62054	PHP Remote File Inclusion in Houzez Theme Functionality	High	7.5	90d	Unpatched
CVE-2025-9993	-	High	8.1	75d	Unpatched
CVE-2025-39400	wpeverest User Registration XSS	High	7.1	-	Workaround