At Wordfence, we run a bug bounty program that pays out mid-six figures per year to researchers in bug bounties for WordPress related vulnerabilities. Funding this research helps us improve security for the WordPress community overall, and helps us secure our customers by rolling out protection for new vulnerabilities as they’re discovered. We started tracking what vulnerability submissions used AI in some form, starting in late November 2025. These are self-reported stats from researchers.
From the first week of full tracking data we have gone from 16% of all vulnerabilities reported leveraging some form of AI during the research, to
Click here to continue reading this article.