WordPress Plugin Directory
Security Scorecard
Score
46C
Total CVEs
21
Patch Rate
24%
5 patched
Avg Response
58d
days to patch
Critical Gaps
1
exploitable, no detection
Severity Breakdown
Critical4
High7
Medium10
Low0
Patch Status
Patched5 (24%)
Partial/Workaround1 (5%)
Unpatched15 (71%)
CVEs (27)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2024-9290 | - | Critical | 9.8 | 366d | Unpatched |
| CVE-2025-66122 | Stylish Price List Broken Access Control Vulnerability | N/A | - | 36d | Unpatched |
| CVE-2025-68076 | Stockholm Core XSS Vulnerability | N/A | - | 36d | Unpatched |
| CVE-2025-68876 | Invelity SPS Connect Cross-site Scripting | N/A | - | 23d | Unpatched |
| CVE-2025-23554 | Off Page SEO Plugin Vulnerability | N/A | - | 22d | Unpatched |
| CVE-2025-62146 | MX Time Zone Clocks XSS | N/A | - | 21d | Unpatched |
| CVE-2025-62756 | The Moneytizer XSS | N/A | - | 21d | Unpatched |