WordPress.org

Security Scorecard

Score

34D

Total CVEs

888

Patch Rate

46%

412 patched

Avg Response

104d

days to patch

Critical Gaps

8

exploitable, no detection

Severity Breakdown

Critical39
High156
Medium691
Low2

Patch Status

Patched412 (46%)
Partial/Workaround4 (0%)
Unpatched472 (53%)

CVEs (1,100)

CVE IDTitleSeverityScoreDaysPatch
CVE-2025-13627Makesweat Plugin VulnerabilityMedium4.4-Patched
CVE-2025-14301Woosa AI for WooCommerce VulnerabilityCritical9.8-Patched
CVE-2025-14379Testimonials Creator Plugin VulnerabilityMedium4.4-Patched
CVE-2025-14464PDF Resume Parser Plugin VulnerabilityMedium5.3-Patched
CVE-2025-14482CVE-2025-14482Medium4.3-Patched
CVE-2025-14502News and Blog Designer Bundle Plugin VulnerabilityCritical9.8-Patched
CVE-2025-14613GetContentFromURL Plugin VulnerabilityHigh7.2-Patched
CVE-2025-14615CVE-2025-14615High7.1-Patched
CVE-2025-14854WP-CRM System Plugin VulnerabilityMedium5.4-Patched
CVE-2025-14880Netcash WooCommerce Payment Gateway Plugin VulnerabilityMedium5.3-Patched