This site uses cookies in accordance with our Privacy Policy.
Wordfence is a Certified Numbering Authority (CNA), which grants us the ability to assign CVE IDs to WordPress plugin, theme, and core vulnerabilities. Please fill out the following form to request a CVE ID or to submit a vulnerability that will be added to our public database of vulnerabilities. All vulnerabilities reported to us without previous CVE ID assignment will be assigned a CVE ID. The Wordfence Threat Intelligence team will review your submission and report back within 1-3 business days with a CVE ID assignment and a link your published vulnerability, if already patched. We may request additional information.
All CVE IDs assigned by Wordfence are added to our vulnerability database as part of Wordfence Intelligence.
A guide to responsible disclosure can be found here. If you have any questions, please send an email to cve-request@wordfence.com.
If you would like to encrypt any fields on this form, please use the provided PGP key.
Want to earn rewards for your vulnerability research?
Wordfence is now offering a bug bounty program that rewards researchers with monetary payouts for qualifying vulnerability reports. Learn more
Vulnerabilities submitted through the form on the current page will not be part of the Wordfence Bug Bounty program and will not be eligible for rewards issued as part of the program.