Get Involved

Topics

Intro Intro

Everyone interested is encouraged to join Slack and follow the public blog to participate in any discussions there. Once the plugin repository revamp is complete, we plan to begin accepting new members.

Top ↑

Report Plugins Report Plugins

Tip: Read Reporting Plugin Security Issues for more information.

Whether or not you are a plugin reviewer, everyone is welcome to report plugins with security issues or ones that violate the plugin guidelines to the team. To do this, email plugins@wordpress.orgĀ with a descriptive subject line and a clear explanation of the issue. If youā€™re reporting a security issue, please do your best to explain how someone can reproduce the issue. You can include screenshots or attach PDFs or zips if needed.

Keep in mind, manyĀ email clients strip suspect content (even when sending) so code examples should be attached as ZIP files or PDFs.

Remember to test vulnerabilities as both an admin and an author (or lower), as some users have elevated privileges when it comes to posting unfiltered html intentionally.

Top ↑

Become a Reviewer Become a Reviewer

At this time, we are not accepting new reviewers due to technical issues. While the new directory platform has solved most issues, we have no way to give people the right amount of limited access to emails via SupportPress. To that end, we are in the process of moving to a new system, however we do not have an ETA.

The best thing you can do right now is properly report any plugins with issues to plugins@wordpress.orgĀ – include full details such as what the exact nature of the issue is, how you reproduced it, and how you verified it.

Top ↑

Contribution Days Contribution Days

Contribution days are where a group of interested people can help review plugins. As the system is limited, right now we can, as a group, review plugins. Alternately we can go through the handbook and make edits and provide fixes.