Wordfence is a Certified Numbering Authority (CNA), which grants us the ability to assign CVE IDs to WordPress plugin, theme, and core vulnerabilities. Please fill out the following form to request a CVE ID. The Wordfence Threat Intelligence team will review your submission and report back within 1-3 business days with a CVE ID assignment or a request for additional information. All CVE IDs assigned by Wordfence are listed on our site under Vulnerability Advisories and a guide to responsible disclosure can be found here.
If you would like to encrypt any fields on this form, please use the provided PGP key.
Please review our guide to responsible disclosure.
You have just indicated that you did not report this vulnerability to the vendor or developer of this product. Responsible disclosure is an important step in vulnerability discovery and, as such, we ask that you initiate the responsible disclosure process for this prior to requesting a CVE ID. It is important that the vendor is made aware of this vulnerability so they can release a patch to protect their customers.