It looks like user-scripts running on Wikipedia can no longer use ORES. I'm getting a CORS error. You can test this by trying to run the following the JS dev console on a Wikimedia page:
$.ajax({url: "https://ores.wikimedia.org/v3/scores/"}).done(function(response){console.log(response)})
This is what I see:
Access to XMLHttpRequest at 'https://ores.wikimedia.org/v3/scores/' from origin 'https://en.wikipedia.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
GET https://ores.wikimedia.org/v3/scores/ net::ERR_FAILED 307