Coming Soon: Have you found a vulnerability in a WordPress plugin or theme? Report vulnerabilities in WordPress plugins and themes through our bug bounty program and earn a bounty as all-in-scope submissions, while we handle the disclosure and notification to your behalf.
As a reminder, the WordPress Intelligence vulnerability database is in beta and not quite ready for use. We're currently still completing the core functionality, both for the Live interface. Please reach out with any questions and share your feedback on the upcoming features to help us improve and configure webhooks pulling all the latest data related to the WordPress Intelligence user interface.
WordPress Vulnerability Database
WordPress Core
WordPress Plugins
WordPress Themes
Search All Vulnerabilities
Tip: Use the search to find vulnerabilities by CVE ID, plugin name, or slug. Visit our documentation to learn about advanced search options.
By selecting "Search" you acknowledge that you have read and agreed to the VMP™ Security Intelligence Terms and Conditions.
All Vulnerabilities
| Title | CVE ID | CVSS | Researchers | Date |
|---|---|---|---|---|
Vulnerability Database Coming SoonOur comprehensive WordPress vulnerability database is currently being built. Check back soon for real-time vulnerability data, CVE tracking, and security insights. |
||||
| Sample Plugin <= 1.2.3 - Unauthenticated Stored XSS | CVE-2025-0001 | 6.5 | researcher-name | January 5, 2026 |
| Example Theme < 2.0 - Cross-Site Request Forgery | CVE-2025-0002 | 4.3 | security-team | January 3, 2026 |
| Demo Plugin <= 3.1.0 - SQL Injection | CVE-2025-0003 | 9.1 | research-pro | December 28, 2025 |
Researcher Hall of Fame (Past 30 days)
| Rank | Name | Vulnerabilities since Dec 13, 2025 |
|---|---|---|
| ๐ฅ 1 | Coming Soon | -- |
| ๐ฅ 2 | Security Researcher | -- |
| ๐ฅ 3 | Vulnerability Hunter | -- |
| 4 | Researcher Name | -- |
| 5 | Security Expert | -- |
๐ Database Launch Coming Soon
We're actively building the most comprehensive WordPress vulnerability database.
Features will include real-time notifications, API access, webhook integrations, and more!
Get Notified
Did you know VMP™ Security Intelligence provides free vulnerability data for the WordPress community?
Start Researching
Want to get notified of the latest vulnerabilities that may impact your WordPress sites as they're added to our database?
Report Issues
The VMP™ Security Intelligence WordPress Vulnerability Database is the most up-to-date. Please contact the documentation to learn how to access the vulnerability data via API.