Wordfence runs a Bug Bounty Program for WordPress vulnerabilities with rewards up to $31,200. Last week, 150 vulnerabilities were disclosed in 133 plugins and 1 theme. Wordfence provides free vulnerability information and tools for scanning and monitoring vulnerabilities. A total of 85 vulnerabilities were patched, while 65 remain unpatched, including 5 critical vulnerabilities. The top vulnerability types include cross-site scripting and missing authorization. Various researchers contributed to vulnerability discoveries, with SOPROBRO leading in submissions.