Wordfence conducts a Bug Bounty Program for WordPress vulnerabilities, offering up to $31,200 per submission. Recent reports show 404 new vulnerabilities in 372 plugins and 18 themes, with contributions from 68 researchers. Free access to vulnerability information and tools is provided through Wordfence Intelligence. Enhanced firewall rules were deployed for various vulnerabilities, with 86 patched and 318 unpatched last week. Vulnerabilities breakdown: 2 low, 367 medium, 26 high, and 9 critical. Cross-site scripting and CSRF are the most common types. Researchers contributing to WordPress security are acknowledged.
Wordfence Intelligence Weekly WordPress Vulnerability Report (January 13, 2025 to January 19, 2025)
