Session
How we closed almost 1000 plugins in a month - a story of the biggest WordPress bug bounty hunt
In October 2024, our usual bug bounty hunt resulted in receiving 1570 valid reports and closing almost 1000 plugins from the official WordPress repository. This huge number looks scary and seems once again to prove the fact that WordPress ecosystem security is poor.
But is it?
Let's dive deeper into how it all happened, what were the consequences, and what we can learn from this.

Maciek Palmowski
Security Community Manager at Patchstack
Łódź, Poland
Links
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top