TLDR: Wordfence runs a Bug Bounty Program for WordPress vulnerabilities, offering rewards up to $31,200. A critical SVG Upload vulnerability was reported for the Jupiter X Core plugin (versions ≤4.8.7), allowing authenticated users to execute remote code. The issue was disclosed on January 6, 2025, and patched by January 29, 2025, with Wordfence users receiving protection earlier. Users are urged to update to version 4.8.8 to maintain site security.