Year-end security initiatives for Wordfence include multiple challenges with bonuses for researchers identifying vulnerabilities in WordPress plugins/themes. From now until January 6, 2025, several types of vulnerabilities are eligible for bounties. Recent activity highlights 369 vulnerabilities disclosed in various plugins and themes, suggesting heightened security efforts. The report provides details on vulnerabilities, researcher contributions, and guidance on using the Wordfence CLI for site protection. Special attention is given to automated notifications for vulnerability updates, with a focus on accessible data for improving overall web security. The document concludes with a call to join the mailing list for ongoing reports.
Wordfence Intelligence Weekly WordPress Vulnerability Report (December 9, 2024 to December 15, 2024)