We release patches for security vulnerabilities. Which versions are eligible for receiving such patches depend on the CVSS v3.0 Rating:
Version | Supported |
---|---|
1.0.x | ✅ |
< 1.0 | ❌ |
If you discover a security vulnerability, please report it to us by sending an email to purewebdev@gmail.com or contacting us on Twitter @purewebdev. We will respond as quickly as possible to address the issue.
Please include the following details with your report:
- A description of the vulnerability and its impact.
- Steps to reproduce the vulnerability.
- Any potential fixes or mitigations you have identified.
We appreciate your efforts to responsibly disclose your findings and will make every effort to acknowledge your report promptly.