WordPress.org

Security Scorecard

Score

34D

Total CVEs

888

Patch Rate

46%

412 patched

Avg Response

104d

days to patch

Critical Gaps

8

exploitable, no detection

Severity Breakdown

Critical39
High156
Medium691
Low2

Patch Status

Patched412 (46%)
Partial/Workaround4 (0%)
Unpatched472 (53%)

CVEs (1,100)

CVE IDTitleSeverityScoreDaysPatch
CVE-2025-11370Depicter Popup and Slider Builder VulnerabilityN/A--Workaround
CVE-2025-11723WordPress Booking Calendar Plugin VulnerabilityN/A-0dUnpatched
CVE-2025-13409Form Vibes Database Manager VulnerabilityN/A--Patched
CVE-2025-13652CBX Bookmark & Favorite SQL Injection VulnerabilityN/A--Patched
CVE-2025-14034ilGhera Support System VulnerabilityN/A--Patched
CVE-2025-14153Page Expire Popup/Redirection VulnerabilityN/A--Patched
CVE-2025-14438Xagio SEO – AI Powered SEO plugin VulnerabilityN/A--Patched
CVE-2025-14996WordPress Plugin XSSN/A--Patched
CVE-2025-14997WordPress Plugin XSSN/A--Patched
CVE-2025-13964CVE-2025-13964N/A--Patched