Intro
Everyone is encouraged to join Slack and follow the public blog to participate in any discussions there.
Report Plugins
Read Reporting Plugin Security Issues for more information.
Whether or not you are a plugin reviewer, everyone is welcome to report plugins with security issues or ones that violate the plugin guidelines to the team. To do this, email plugins@wordpress.org with a descriptive subject line and a clear explanation of the issue. If you’re reporting a security issue, please do your best to explain how someone can reproduce the issue. You can include screenshots or attach PDFs or zips if needed.
Keep in mind that many email clients strip suspect content (even when sending), so code examples should be attached as a ZIP or PDF.
Remember to test vulnerabilities as both an admin and an author (or lower), since some user roles are intentionally granted the elevated privilege of posting unfiltered HTML.
Contributor Days
Contributor Days at WordCamps are where a group of interested people can help review plugins. Alternatively, we can go through the handbook, make edits, and provide fixes.
Interested in getting more deeply involved by joining the Plugin Review team? Check out the application process.