Calling WordPress Security Researchers: Fresh CVEs Available Now For Your Research Enjoyment

Calling All WordPress Security Researchers!

Wordfence Goes Live With CVE Assignments as an Authorized CVE Numbering Authority

If you’re a security researcher or an aspiring researcher, I have great news. Today we’re launching our CVE request process, which lets you get an official CVE identifier for any vulnerabilities you find in WordPress Core, WordPress Themes, and WordPress Plugins.


If you are a security researcher and want to work with us to get your CVE assignments and get your vulnerabilities published, first read our guide on responsible vulnerability disclosure.


When you need to apply for a CVE, you can use our form on this page.


Your vulnerability will appear on our Vulnerability Advisories page and will also be sent to MITRE for publication in their official database of CVE assigned vulnerabilities.


We’re looking forward to helping enable and accelerate your efforts to secure the WordPress community.




Mark Maunder – Wordfence Founder & CEO