How can I report a potential WP or plugin vulnerabilty?

chandraclarke · Member · Mar 17, 2015 at 2:42 am
Copy link

Add topic to favorites
I have an alert set up for mentions for a particular name, and I’m suddenly seeing this name in a lot of “spun content” that has clearly been somehow injected across what look like a number of unrelated (and otherwise legit) WordPress installs. I can’t tell if it’s an issue with WP core or a plugin, and I can’t tell which plugin, but it ought to be reported somewhere as it’s clearly hitting a lot of WP sites. I can’t find anywhere to report this to on wordpress.org or .com, and it should be investigated.
raincoaster · Member · Mar 17, 2015 at 2:46 am
Copy link
Well, where to report it rather depends on whether it’s a WordPress.com or a WordPress.org vulnerability. What kind of WP are the installs?
timethief · Member · Mar 17, 2015 at 2:46 am
Copy link
See here https://make.wordpress.org/core/handbook/reporting-security-vulnerabilities/
chandraclarke · Member · Mar 17, 2015 at 3:36 am
Copy link
Thanks @timethief, that’s exactly what I needed.
timethief · Member · Mar 17, 2015 at 3:38 am
Copy link
You’re welcome.

The topic ‘How can I report a potential WP or plugin vulnerabilty?’ is closed to new replies.

Couldn't find what you needed?

Contact us

Get answers from our AI assistant, with access to 24/7 expert human support on paid plans.

Browse our guides

Find step-by-step solutions to common questions in our comprehensive guides.