WordPress.org

Security Scorecard

Score

33D

Total CVEs

883

Patch Rate

46%

408 patched

Avg Response

104d

days to patch

Critical Gaps

8

exploitable, no detection

Severity Breakdown

Critical39

High152

Medium690

Low2

Patch Status

Patched408 (46%)

Partial/Workaround4 (0%)

Unpatched471 (53%)

CVEs (1,096)

CVE ID	Title	Severity	Score	Days	Patch
CVE-2025-13893	Lesson Plan Book Plugin Vulnerability	N/A	-	-	Patched
CVE-2025-13897	Client Testimonial Slider Vulnerability	N/A	-	-	Patched
CVE-2025-13903	PullQuote Plugin Vulnerability	N/A	-	-	Patched
CVE-2025-13908	CVE-2025-13908	N/A	-	-	Patched
CVE-2025-14172	WP Page Permalink Extension Vulnerability	N/A	-	-	Patched
CVE-2025-64239	Yoav Farhi RTL Tester RTL-Tester	N/A	-	36d	Unpatched
CVE-2025-64247	Edmon.parker Read More & Accordion Vulnerability	N/A	-	36d	Unpatched
CVE-2025-64248	Emarket Design Request a Quote Vulnerability	N/A	-	36d	Unpatched
CVE-2025-64253	WordPress.org Health Check & Troubleshooting Plugin Path Traversal Vulnerability	N/A	-	36d	Unpatched
CVE-2025-66133	GDPR Cookie Notice Vulnerability	N/A	-	36d	Unpatched