WordPress.org
Security Scorecard
Score
34D
Total CVEs
895
Patch Rate
47%
418 patched
Avg Response
104d
days to patch
Critical Gaps
8
exploitable, no detection
Severity Breakdown
Critical39
High156
Medium698
Low2
Patch Status
Patched418 (47%)
Partial/Workaround4 (0%)
Unpatched473 (53%)
CVEs (1,107)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-62965 | Wordpress Admin Management Xtended Vulnerability | High | 7.2 | 86d | Unpatched |
| CVE-2025-62969 | Cross-site Scripting in NextMove Lite woo-thank-you-page-nextmove-lite | Medium | 6.5 | 86d | Unpatched |
| CVE-2025-62982 | Cross-site Scripting in Dynamic User Directory | Medium | 5.4 | 86d | Unpatched |
| CVE-2025-62988 | Slider Template SSRF Vulnerability | Medium | 4.9 | 86d | Unpatched |
| CVE-2025-48088 | WPBakery Page Builder XSS Vulnerability | Medium | 6.5 | 86d | Unpatched |
| CVE-2025-9322 | - | High | 7.5 | 53d | Unpatched |
| CVE-2025-11269 | - | Medium | 5.3 | 55d | Unpatched |
| CVE-2025-11879 | - | Medium | 6.5 | 55d | Unpatched |
| CVE-2025-11760 | - | Medium | 5.3 | 55d | Unpatched |
| CVE-2025-11823 | - | Medium | 6.4 | 55d | Unpatched |