We currently support the latest stable release of this plugin. Security fixes are only applied to the latest version unless explicitly announced otherwise.
| Version | Supported |
|---|---|
| 1.x.x | β |
| Legacy | β |
If you discover a security vulnerability, please report it responsibly.
- Email: info@php-dev.info
We aim to respond to all legitimate reports within 3 business days and to provide a fix or mitigation within 7β14 days, depending on severity.
When reporting, please include:
- A detailed description of the vulnerability
- Steps to reproduce the issue (if possible)
- The potential impact
- A proposed fix (if known)
We appreciate contributions that help make this software more secure.
This policy covers:
- The
xpubplugin repository - All code published under the
N3XT0R\XPubnamespace - Dependencies directly maintained in this repository
Vulnerabilities in third-party packages should be reported to their respective maintainers.
We do not offer financial bounties, but we are happy to acknowledge responsible researchers publicly (upon request) once a patch has been released.
Thank you for helping us keep xPub safe.
| ------- | ------------------ | | 5.1.x | β | | 5.0.x | β | | 4.0.x | β | | < 4.0 | β |
Use this section to tell people how to report a vulnerability.
Tell them where to go, how often they can expect to get an update on a reported vulnerability, what to expect if the vulnerability is accepted or declined, etc.