WordPress
Security Scorecard
Score
53F
Total CVEs
39
Patch Rate
44%
17 patched
Avg Response
220d
days to patch
Critical Gaps
0
exploitable, no detection
Severity Breakdown
Critical2
High10
Medium27
Low0
Patch Status
Patched17 (44%)
Partial/Workaround1 (3%)
Unpatched21 (54%)
CVEs (46)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-12620 | - | Medium | 4.9 | 32d | Unpatched |
| CVE-2025-12526 | - | Medium | 4.3 | 34d | Unpatched |
| CVE-2025-62045 | PHP Remote File Inclusion in TheGem Theme Elements (for WPBakery) | High | 8.1 | 76d | Unpatched |
| CVE-2025-12369 | - | Medium | 6.4 | 42d | Unpatched |
| CVE-2025-11922 | - | Medium | 6.4 | 45d | Unpatched |
| CVE-2025-64204 | SmartMag XSS Vulnerability | Medium | 6.5 | 84d | Unpatched |
| CVE-2025-62928 | Joby Joseph SEO Meta Description Updater Vulnerability | High | 8.1 | 86d | Unpatched |
| CVE-2025-11255 | - | Medium | 4.3 | 55d | Unpatched |
| CVE-2025-58961 | CF7 Auto Responder Addon XSS Vulnerability | High | 7.1 | 90d | Unpatched |
| CVE-2025-58967 | PHP Remote File Inclusion Vulnerability in ThemeMove Businext | High | 8.2 | 90d | Unpatched |