15 lines
1.1 KiB
Markdown
15 lines
1.1 KiB
Markdown
---
|
|
post_title: Reporting security issues
|
|
menu_title: Reporting security issues
|
|
tags: reference
|
|
---
|
|
|
|
WooCommerce cares deeply about security and works hard to keep our merchants and their customers safe.
|
|
|
|
You can find our security policy [over here](https://github.com/woocommerce/woocommerce/security/policy) and, if you believe you have discovered a vulnerability, we encourage you to follow it and submit your findings via [HackerOne](https://hackerone.com/automattic?type=team)-a trusted third party service that facilitates reporting of security issues. Please refer to the policy for more details, however some key points are as follows:
|
|
|
|
- We operate a [bug bounty program](https://hackerone.com/automattic?type=team), so you can be rewarded for valid reports, but not everything is in scope. Please check the guidance before posting.
|
|
- We strongly encourage [responsible disclosure](https://www.hackerone.com/disclosure-guidelines). To better protect everyone, please use HackerOne and **do not** post your findings in a public forum.
|
|
|
|
Thank you for being a responsible reporter!
|