Over the past 2 months, Patchstack Red Team has helped to identify and fix over 400 security vulnerabilities found in WordPress plugins and themes.
We have monthly cash prizes for security researchers who report vulnerabilities to Patchstack Database (in July - it's $1500 USD).
But... we want to show our deep appreciation for the Patchstack Red Team community and therefore we're excited to announce the annual games of WordPress Bug Hunt!
While the monthly cash prize pool is paid to the active Patchstack Red Team members only - we want to expand the opportunity to win prizes for everyone.
All you need to do is report at least one valid vulnerability within a WordPress core, theme, or plugin via the form here and you'll have a chance to be selected as a winner of WordPress Bug Hunt at the end of the year - so you have plenty of time to participate.
If you report more than 3 valid vulnerabilities, you'll also get the invitation to the Patchstack Red Team and a chance to be part of the monthly cash prizes!
At the end of the year, anyone who has reported at least 1 vulnerability between July 1st - 30th of December will have a chance to win one of the following prizes:
The winners will be announced on Friday 31st of December 3PM GMT.
All reports that have been validated will follow our responsible disclosure policy and will later be made publicly available on Patchstack Database. Credit will always go to original researchers.