At Lana Codes, security is paramount. We are dedicated to safeguarding our users and their data. We recognize the critical role of independent security researchers in identifying potential vulnerabilities and encourage responsible disclosure in accordance with this policy.
To ensure the efficient triage and resolution of security issues, we have partnered with the Wordfence Bug Bounty Program to manage vulnerability submissions and compensate researchers who contribute to the security of our products.
Scope
This policy applies to:
All WordPress plugins and themes owned or maintained by Lana Codes.
Wordfence will coordinate the triage, validation, and, where applicable, the disbursement of rewards for all vulnerabilities submitted through them, based on their terms and conditions.
Guidelines for Responsible Disclosure
We request that you:
Refrain from violating privacy, destroying data, or disrupting service.
Allow us a reasonable period to investigate and resolve any issues before public disclosure. Wordfence will follow their responsible disclosure policy as outlined here: https://www.wordfence.com/security/
In return, we will:
Acknowledge your submission promptly through Wordfence.
Act expeditiously to resolve verified vulnerabilities.
Provide public credit (if desired) upon resolution of the issue.
Out of Scope
The following are typically outside the scope of our vulnerability disclosure program:
Social engineering attacks.
Denial of Service (DoS) or brute-force attacks.
Issues requiring physical access.
Vulnerabilities in third-party services not under Lana Codes control.
Thank You We value the contributions of the security community and appreciate your assistance in enhancing the security of the WordPress ecosystem.
For further information regarding our commitment to security or if you have inquiries, please contact us at [email protected] or reach out via the Wordfence program.
Vulnerability Disclosure Policy
At Lana Codes, security is paramount. We are dedicated to safeguarding our users and their data. We recognize the critical role of independent security researchers in identifying potential vulnerabilities and encourage responsible disclosure in accordance with this policy.
To ensure the efficient triage and resolution of security issues, we have partnered with the Wordfence Bug Bounty Program to manage vulnerability submissions and compensate researchers who contribute to the security of our products.
Scope
This policy applies to:
All WordPress plugins and themes owned or maintained by Lana Codes.
Reporting a Vulnerability
Should you discover a potential vulnerability in one of our products or services, please report it via the Wordfence Bug Bounty Program:
https://www.wordfence.com/threat-intel/vulnerabilities/submit
Submission via Wordfence Bug Bounty Program
Wordfence will coordinate the triage, validation, and, where applicable, the disbursement of rewards for all vulnerabilities submitted through them, based on their terms and conditions.
Guidelines for Responsible Disclosure
We request that you:
In return, we will:
Out of Scope
The following are typically outside the scope of our vulnerability disclosure program:
Please refer to the Wordfence Bug Bounty Program Rules for detailed eligibility criteria in regards to bounty rewards: https://www.wordfence.com/threat-intel/bug-bounty-program/#scope
Thank You
We value the contributions of the security community and appreciate your assistance in enhancing the security of the WordPress ecosystem.
For further information regarding our commitment to security or if you have inquiries, please contact us at [email protected] or reach out via the Wordfence program.