WordPress.org

Security Scorecard

Score

34D

Total CVEs

889

Patch Rate

47%

413 patched

Avg Response

104d

days to patch

Critical Gaps

8

exploitable, no detection

Severity Breakdown

Critical39

High156

Medium692

Low2

Patch Status

Patched413 (46%)

Partial/Workaround4 (0%)

Unpatched472 (53%)

CVEs (1,101)

CVE ID	Title	Severity	Score	Days	Patch
CVE-2025-62082	Generic Elements Cross-site Scripting Vulnerability	Medium	6.5	-	Patched
CVE-2025-63045	Master Slider Pro XSS	Medium	6.5	-	Patched
CVE-2025-63052	SimpLy Gallery Block XSS	Medium	6.5	-	Patched
CVE-2025-63059	Ninja Popups XSS Vulnerability	Medium	6.5	-	Patched
CVE-2025-67537	ThirstyAffiliates XSS Vulnerability	Medium	6.5	-	Patched
CVE-2025-67542	SilkyPress Multi-Step Checkout for WooCommerce XSS Vulnerability	Medium	6.5	-	Patched
CVE-2025-67545	FireBox Plugin XSS	Medium	6.5	-	Patched
CVE-2025-67549	Bobbingwide oik oik Cross-site Scripting (XSS) Vulnerability	Medium	6.5	-	Patched
CVE-2025-67552	Walker Core XSS	Medium	6.5	-	Patched
CVE-2025-63034	Steve Truman Page View Count Vulnerability	Medium	5.4	-	Patched