If you have found vulnerabilities in WordPress core files, themes, or plugins, please report them to IPA (Information-technology Promotion Agency, Japan).