https://github.com/adulau/cve-search
$ python search.py -p typo3 -o json | jq -r '.cvss' | Rscript -e 'mean(as.numeric(read.table(file("stdin"))[,1]))'
[1] 6.161562
$ python search.py -p wordpress -o json | jq -r '.cvss' | Rscript -e 'mean(as.numeric(read.table(file("stdin"))[,1]))'
[1] 5.622102