
Wordfence + Critical Thinking

Wordfence just launched an INSANE new bug bounty program. They are paying 6.25x bounties on ANY WordPress plugin above 50k installs. 

And, exclusively for CT Listeners, they are increasing the pending submission count limit to 20 reports and giving a 10% bonus on your first report (on top of the 6.25x already in play)! All you have to do is mention Critical Thinking in your report. 

On top of that, there are more bonuses that I expect many of you will qualify for, so check those out below as well.

Bounties:

Lows: $0-$625 - RXSS, CSRF, Low-impact Broken Authorization

Mediums: $60-$1,875 - Medium-impact Missing Authorization

Highs: $125-$3,750 - Arbitrary File Deletion, Unauthenticated Stored XSS

Crits: $625-$10,000 - Unauthed RCE, Unauthed PrivEsc, Auth Bypass

Within each range, the bounty scales with the plugin's install count, from 50k up to 1m installs. The thresholds are 50k, 100k, 500k and 1m installs.

How to maximize your bounties on the Wordfence program from @infosecchloe:

Stick to vulns that require no user interaction and no auth (or low auth like subscriber) to exploit, aren't as common, and lead to easy full site compromise, and you'll earn our top rewards.

Today, we awarded $2750 for an unauthenticated RCE in a plugin w/ 90k installs. The lower install counts are on the lower end of our pay range, so it would only go up from there. We've been rewarding around $100 - $300 for medium-level auth required Cross-Site Scripting. Those are so easy to find, which is why we pay less for those. Things we care most about are RCE, Arbitrary File Uploads, Arbitrary File Deletion, Arbitrary File Overwriting, Auth Bypass to Admin, Privilege Escalation to Admin, Arbitrary Options Updates.

Sign up for the Wordfence Program here.

CTBB Podcast WordPress Plugin Testing Resources:

Setting up your local WordPress Instance in 2 min (Windows):

1. Download Docker Desktop for Windows

2. Download our CTBB Podcast WordPress docker-compose.yaml file: https://ctbb.show/wp-docker

3. Run the following command in PowerShell in the same directory as your docker-compose.yaml file:

docker-compose.exe up

4. Visit: http://localhost:1337 - you're live.

Setting up your local WordPress Instance in 2 min (Linux/MacOS):

1. Download Docker for your distro (quick Google)

2. Download our CTBB Podcast WordPress docker-compose.yaml file: https://ctbb.show/wp-docker

3. Run the following command in your terminal in the same directory as the docker-compose.yaml file:

docker-compose up

4. Visit: http://localhost:1337 - you're live.
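For reference, here is what a minimal docker-compose.yaml for this kind of local plugin-testing lab looks like. This is an added illustration, not the CTBB Podcast file linked above: it assumes the official wordpress and mariadb images, uses constructed throwaway credentials, and publishes the site on host port 1337 so that step 4 applies unchanged. The plugin directory name and the bind-mount path are placeholders.

```yaml
# Illustrative compose file for a local WordPress plugin-testing lab.
# Not the CTBB Podcast docker-compose.yaml from https://ctbb.show/wp-docker.
# Assumptions: official wordpress and mariadb images; credentials below are
# constructed for a throwaway lab and should never be reused anywhere else.
services:
  db:
    image: mariadb:11
    environment:
      MARIADB_DATABASE: wordpress
      MARIADB_USER: wordpress
      MARIADB_PASSWORD: wordpress-local-only     # constructed; lab use only
      MARIADB_ROOT_PASSWORD: root-local-only     # constructed; lab use only
    volumes:
      - db_data:/var/lib/mysql

  wordpress:
    image: wordpress:latest
    depends_on:
      - db
    ports:
      # Bind to loopback only, so the deliberately vulnerable lab is not
      # reachable from the rest of your LAN. Step 4 still works as written.
      - "127.0.0.1:1337:80"
    environment:
      WORDPRESS_DB_HOST: db
      WORDPRESS_DB_NAME: wordpress
      WORDPRESS_DB_USER: wordpress
      WORDPRESS_DB_PASSWORD: wordpress-local-only   # must match MARIADB_PASSWORD
      WORDPRESS_DEBUG: 1                            # enables WP_DEBUG for easier tracing
    volumes:
      - wp_data:/var/www/html
      # Optional: mount the plugin you are auditing straight into wp-content/plugins.
      # "plugin-under-test" is a placeholder for the plugin's directory name.
      # - ./plugin-under-test:/var/www/html/wp-content/plugins/plugin-under-test

volumes:
  db_data:
  wp_data:
```

Run `docker-compose up` (or `docker compose up` on recent Docker installs) in the directory holding this file, then open http://localhost:1337 and complete the WordPress install wizard. The loopback binding is the one setting worth keeping even if you swap everything else: a lab full of intentionally exploitable plugins should not be listening on your LAN interface.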

JSON Data for all WordPress.org Plugins Above 50k installs (800+)

https://ctbb.show/downloads/pluginData