Security and disclosure

Security in our product is our priority, making sure everyone can use our product safely. However, as we are managing and making use of multiple platforms beside our WordPress plugin, a security issue could slip in via different ways.

Have you found a security issue or do you have concerns? Please read this page with care.

When you have found a security issue/databreach, do not abuse the issue and do not download any more (potential, but not limited to) sensitive data then strictly needed to prove the issue. Do not damage any of our systems/servers/platforms in any way to prove a security issue but contact us instead.

Before posting about the problem publicly

Do not post security issues publicly before we can confirm the issues have been fixed, or in case of a security issue in our WordPress plugin, the mainstream of our customers (both free and paid) have updated the plugin to a version where the issue has been fixed and cannot be abused.

Additional conditions regarding to issues in our WordPress plugin
We do have security high on our list and will make sure to stay in contact after we have published an update. Publishing a post about the security issue should be discussed with us and we will only approve a post when we can confirm most of our customers that have our plugin installed have actually updated the plugin to the new version.

Where we are interested in

As we are working with multiple platforms, issues could potentially slip in everywhere. We keep our systems, platforms and servers up-to-date.

We are interested in:

Have you found an issue that does not match the above criteria, but you think you need to report it anyway? Do not hesistate, but before reporting, please also check the ‘Where we are not interested in‘.

Where we are not interested in

However, there might also be issues where we might not be interested in. You could report these issues, but we might do not take any issues immediately or may choose not to reward you.

We are not interested in:

Rewards

Have you found a potential security issue and you reported this? Currently we don’t offer any rewards in return, other than our thanks for eternity.

Reporting the issue

In case you have found a (potential) security issue, do not hesistate and please contact us inmediately on [email protected] with the subject similar to “Security issue regarding to [site/software/platform]“.

We monitor this email account constantly and we will try to reply as soon as possible, even outside office hours when it comes to security.

Important additional information: