WordPress.org
Security Scorecard
Score
34D
Total CVEs
894
Patch Rate
47%
417 patched
Avg Response
104d
days to patch
Critical Gaps
8
exploitable, no detection
Severity Breakdown
Critical39
High156
Medium697
Low2
Patch Status
Patched417 (47%)
Partial/Workaround4 (0%)
Unpatched473 (53%)
CVEs (1,106)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-12017 | - | Medium | 6.1 | 56d | Unpatched |
| CVE-2025-12014 | - | Medium | 4.3 | 56d | Unpatched |
| CVE-2025-12016 | - | Medium | 4.4 | 56d | Unpatched |
| CVE-2025-11576 | - | Medium | 4.3 | 56d | Unpatched |
| CVE-2025-10874 | Orbit Fox Vulnerability | Medium | 5.5 | - | Patched |
| CVE-2025-11128 | - | Medium | 5.0 | 57d | Unpatched |
| CVE-2025-10705 | - | Medium | 5.3 | 57d | Unpatched |
| CVE-2025-62026 | CVE-2025-62026 | Medium | 4.3 | 90d | Unpatched |
| CVE-2025-53421 | PickPlugins Accordion Vulnerability | Medium | 6.3 | 90d | Unpatched |
| CVE-2025-49380 | Woo-vehicle-parts-finder Object Injection Vulnerability | Medium | 5.3 | 90d | Unpatched |