[wp-trac] [WordPress Trac] #62134: Security Issue in WordPress Core
WordPress Trac
noreply at wordpress.org
Mon Sep 30 08:02:06 UTC 2024
#62134: Security Issue in WordPress Core
---------------------------+-----------------------------
Reporter: impervaoffset | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Security | Version:
Severity: normal | Keywords:
Focuses: privacy |
---------------------------+-----------------------------
Hi,
A few months ago, we reported a security issue by sending emails to
multiple addresses under the wordpress.org domain. Unfortunately, we are
unable to submit vulnerability reports through HackerOne, as, being
employees of Imperva, we cannot agree to the terms of use of Bug Bounty
platforms on behalf of the company.
We received a response from dpo @ wordpress.org, but after providing the
details of the vulnerability, we have not heard back.
If you have an additional email address where we can send the
vulnerability details, we would be happy to forward our report there as
well.
Please be aware that we follow a 90-day disclosure policy, meaning we will
make our findings public 90 days after the initial disclosure.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/62134>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list