The 2023 Wordfence Holiday Bug Extravaganza Reaches An Exciting Conclusion!

After an incredibly successful few weeks, the Wordfence Holiday Bug Extravaganza came to a close yesterday.

We’d like to sincerely thank everyone who spent time researching, finding, and submitting vulnerabilities. Your efforts have helped to make the WordPress community and the web safer. Many talented and dedicated researchers submitted bugs and vulnerabilities, some of them critically important and impacting millions of plugin users.

Here are some impressive stats from the promotion:

• 424 researchers registered all-time
• 284 researchers registered since December 1st
• $51,141.00 bounties paid since December 1st
• 165 in-scope submissions since December 1st
• 113 out of scope vulnerability submissions since December 1st

Our team has been working diligently to ingest, responsibly disclose, and publish these vulnerabilities as soon as possible so that patches can be released and make millions of websites safer.

Even though the Holiday Bug Extravaganza is over, the Wordfence Bug Bounty Program isn’t going anywhere. We will continue to offer amazing payouts to researchers who find and submit WordPress vulnerabilities.

If you are a bug bounty hunter or an expert in WordPress vulnerabilities, please join the program and potentially earn rewards for submitting bugs or vulnerabilities in WordPress themes and plugins. 

We are proud to play our part in our mission of securing the web, and glad to have so many talented Wordfence community members contributing their time and talent to help us do that.

If you happen to know anyone who is an expert in WordPress code or security and would like to get rewarded for their efforts in finding and disclosing bugs and vulnerabilities, please share this blog post with them.

Just by being a part of the Wordfence community you are making the web a safer place on a daily basis, and we thank you for that.