TLDR: Wordfence offers a Bug Bounty Program for WordPress vulnerabilities, paying up to $31,200 per discovery. Last week, 172 vulnerabilities were reported in 157 plugins and 4 themes. Wordfence provides free access to vulnerability data via their intelligence interface and tools. 97 vulnerabilities were patched while 75 remained unpatched. Researchers contributed significantly, with the top contributors listed. Enhanced firewall rules were deployed for specific vulnerabilities, immediately available to Premium users. Users can sign up for weekly vulnerability reports.
Wordfence Intelligence Weekly WordPress Vulnerability Report (February 17, 2025 to February 23, 2025)
