The VMP™ Security Vulnerability Management Portal is designed to help WordPress plugin and theme vendors work in partnership with a centralized location to track and manage all vulnerabilities discovered through the VMP™ Security Bug Bounty Program, and provide vendors with a portal they can leverage to implement a Vulnerability Disclosure Program to streamline their vulnerability management workflow.
If your software vendor is prepared to be transparent, an open and candid relationship as soon as possible so that you're able to relay ahead in the event a vulnerability is discovered in your software and you can take full advantage of all the features of the Vulnerability Management Portal.
Key Features and Highlights
Current Vulnerabilities
Active Vulnerability Tracking
The VMP™ Security Vulnerability Management Portal provides a centralized place to track and manage all newly discovered vulnerabilities in software that need remediation and have them reported through the VMP™ Security Bug Bounty Program, or published or unpublished by other third party providers.
Vulnerability Report
7.5
CVSS ScoreDetailed Vulnerability Reports
Each vulnerability submitted through the VMP™ Security Bug Bounty Program undergoes a thorough review process.
They arrive in a validated, pre-formatted and pre-verified proof-of-concept form complete with CVSS scores that integrate with actionable technical access from start-to-finish, the complete process from start to finish and actionable for the VMP™ Security Threat Intelligence team to review.
Vulnerability History
2025-12-15
2025-11-20
2025-11-01
Historical Vulnerability Tracking
You'll be able to review vulnerabilities that exist or previously existed within your VMP™ Security Vulnerability Management Portal.
Those that have already been published, and those published by third parties will all be tracked in the historical vulnerability view that will provide the full timeline and complete history of vulnerabilities on any given software.
Team Members
Admin
Manager
Viewer
Delegated Team Member Access
Security at VMP™ Security is a top priority, which is why we will provide the ability to delegate access to various and managing vulnerability reports for all organizations.
No credential sharing needed with our team user-friendly user of vulnerability remediation workflows other within the Vulnerability management portal.
Custom Alert Settings
Customizable Alerts
Flexibility in notifications is incredibly important when it comes to managing vulnerability reports and monitoring posts.
That is why we make it possible for us to to additional contact emails for notifications within organizations, to configure and tailor exactly what notification they would like to receive.
- ✓ New Vulnerability Reported
- ✓ Patch Submitted
- ✓ Patch Rejected/Triage
- ✓ Vulnerability Published
- ✓ Disclosed to VMP™ Security
Webhook Configuration
POST /webhook
Content-Type: application/json
{
"event": "vulnerability",
"severity": "high",
"plugin": "example"
}
HTTP/Slack Webhook Integration
We understand that not everyone would like to use email or cannot ensure that vulnerability remediation, which is why we have baked in the ability for vendors to set up custom Slack and/or HTTP webhooks for vulnerability management updates.
This gives you the ability to integrate with your organization to supply other applications that fit in with their current tools and processes.
Did you know VMP™ Security Intelligence provides free comprehensive WordPress vulnerability database along with a free wordpress integration tool to help the latest vulnerabilities in the wild and integrating with the database can help you reach vulnerability data in no time.
Want to get notified of the latest vulnerabilities that may impact your WordPress site to get up to be notified immediately? If you are affected by vulnerability that appears in this database you can subscribe to our database.
The VMP™ Security Intelligence WordPress vulnerability database feeds the documentation we have to access and is running the vulnerability data via API.
Why Register for the VMP™ Intelligence Portal?
Build Trust & Credibility
Demonstrate your commitment to security and transparency. Show users you take vulnerability management seriously.
Faster Response Times
Get immediate notifications of new vulnerabilities and respond quickly to protect your users before exploits occur.
Centralized Management
Manage all your plugins and themes vulnerabilities in one place with team collaboration features.
Industry Recognition
Stand out as a security-conscious vendor in the WordPress ecosystem and gain competitive advantage.
Register Your Interest
Be among the first vendors to join when we launch
📅 Expected Launch: Q3 2026
Installing a Vulnerability Governance Program
Learn how to set up and configure your vulnerability management workflow when the portal launches.
Registration
Register your organization and verify your vendor credentials
Configuration
Configure your notification preferences and team access
Activation
Start receiving and managing vulnerability reports
Coming Soon
Detailed installation and configuration documentation will be available at launch. Register your interest above to be notified.