WordPress
Security Scorecard
Score
53F
Total CVEs
39
Patch Rate
44%
17 patched
Avg Response
220d
days to patch
Critical Gaps
0
exploitable, no detection
Severity Breakdown
Critical2
High10
Medium27
Low0
Patch Status
Patched17 (44%)
Partial/Workaround1 (3%)
Unpatched21 (54%)
CVEs (46)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-63075 | Betheme Cross-site Scripting Vulnerability | Medium | 6.5 | - | Patched |
| CVE-2025-67574 | Vulnerability in WordPress Booking Calendar Plugin | Medium | 5.3 | - | Patched |
| CVE-2025-13922 | WordPress Plugin XSS | Medium | 6.5 | - | Patched |
| CVE-2025-13309 | CodeConfig Accessibility Toolbar XSS | Medium | 4.3 | - | Patched |
| CVE-2025-10055 | Time Sheets Cross-Site Request Forgery | Medium | 4.3 | 29d | Unpatched |
| CVE-2025-12666 | - | Medium | 6.4 | 18d | Unpatched |
| CVE-2025-12579 | - | Medium | 5.3 | 18d | Unpatched |
| CVE-2025-12578 | - | Medium | 4.3 | 18d | Unpatched |
| CVE-2024-14015 | - | High | 7.1 | 19d | Patched |
| CVE-2025-66077 | Wordpress Legal Pages Plugin Vulnerability | Medium | 4.3 | 61d | Unpatched |