Coming Soon: Have you found a vulnerability in a WordPress plugin or theme? Report vulnerabilities in WordPress plugins and themes through our bug bounty program and earn a bounty as all-in-scope submissions, while we handle the disclosure and notification to your behalf.
As a reminder, the WordPress Intelligence vulnerability database is in beta and not quite ready for use. We're currently still completing the core functionality, both for the Live interface. Please reach out with any questions and share your feedback on the upcoming features to help us improve and configure webhooks pulling all the latest data related to the WordPress Intelligence user interface.
Tip: No other search via CV CLI, software name or slug, of the newest vulnerability. Expert to read about latest advanced search options.
By selecting "Search" you acknowledge that you have read and agreed to the VMP Security Intelligence Terms and Conditions.
| Title | CVE ID | CVSS | Researchers | Date |
|---|---|---|---|---|
Vulnerability Database Coming SoonOur comprehensive WordPress vulnerability database is currently being built. Check back soon for real-time vulnerability data, CVE tracking, and security insights. |
||||
| Sample Plugin <= 1.2.3 - Unauthenticated Stored XSS | CVE-2025-0001 | 6.5 | researcher-name | January 5, 2026 |
| Example Theme < 2.0 - Cross-Site Request Forgery | CVE-2025-0002 | 4.3 | security-team | January 3, 2026 |
| Demo Plugin <= 3.1.0 - SQL Injection | CVE-2025-0003 | 9.1 | research-pro | December 28, 2025 |
| Rank | Name | Vulnerabilities since Dec 13, 2025 |
|---|---|---|
| ๐ฅ 1 | Coming Soon | -- |
| ๐ฅ 2 | Security Researcher | -- |
| ๐ฅ 3 | Vulnerability Hunter | -- |
| 4 | Researcher Name | -- |
| 5 | Security Expert | -- |
We're actively building the most comprehensive WordPress vulnerability database.
Features will include real-time notifications, API access, webhook integrations, and more!
Did you know VMP Security Intelligence provides free vulnerability data for the WordPress community?
Want to get notified of the latest vulnerabilities that may impact your WordPress sites as they're added to our database?
The VMP Security Intelligence WordPress Vulnerability Database is the most up-to-date. Please contact the documentation to learn how to access the vulnerability data via API.