WordPress.org

Security Scorecard

Score

34D

Total CVEs

888

Patch Rate

46%

412 patched

Avg Response

104d

days to patch

Critical Gaps

8

exploitable, no detection

Severity Breakdown

Critical39
High156
Medium691
Low2

Patch Status

Patched412 (46%)
Partial/Workaround4 (0%)
Unpatched472 (53%)

CVEs (1,100)

CVE IDTitleSeverityScoreDaysPatch
CVE-2025-14049VikRentItems Plugin VulnerabilityMedium6.1-Patched
CVE-2025-13993MailerLite Signup Forms XSSMedium5.5-Patched
CVE-2025-13314Filter Plus Plugin XSSMedium5.3-Patched
CVE-2025-14166WPMasterToolKit Plugin XSSMedium5.3-Patched
CVE-2025-12655Hippoo Mobile App VulnerabilityMedium5.3-Patched
CVE-2025-14074CVE-2025-14074Medium5.3-Patched
CVE-2025-12408CVE-2025-12408Medium5.3-Patched
CVE-2025-14065Simple Bike Rental Plugin VulnerabilityMedium5.3-Patched
CVE-2025-14442Secure Copy Content Protection Plugin VulnerabilityMedium5.3-Workaround
CVE-2025-13971TWW Protein Calculator Plugin XSSMedium4.4-Patched