I maintain a number of popular open source WordPress plugins which deal with user authentication and sensitive information. I believe that the more eyes that software sees, the more secure it can be. If you believe you've found a security issue in one of the plugins listed below, I encourage you to notify me via HackerOne. I welcome working with you to resolve the issue promptly.
Any reproducible vulnerability that affects the security of users or their data is likely to be in scope. Common examples include:
edit_files
capability.If in doubt, please go ahead and open a report.
I'm not currently offering financial rewards as my software is free and open source. This may change in the future.
This is a personal HackerOne program and is not associated with WordPress or the WordPress HackerOne program.
Scope Type | Scope Name |
---|---|
undefined | https://github.com/johnbillion/wp-crontrol |
undefined | https://github.com/johnbillion/query-monitor |
undefined | https://github.com/johnbillion/user-switching |
undefined | https://github.com/johnbillion/global-post-password |
web_application | |
web_application | |
web_application | |
web_application |
This programe feature scope type like web_application, undefined.
FireBounty © 2015-2019