Add a responsible disclosure page
BernardZijlstra opened this issue · 0 comments
Just stumbled upon https://github.com/WordPress/performance/blob/trunk/SECURITY.md which is a description of how to do a responsible disclosure for the WordPress core software. I would suggest to start a "responsible-disclosure.md" with the following text.
Responsible Disclosure
Responsible disclosure means the following: if you encounter a security breach (or a weak spot) concerning the WordPress core software, we would like to hear about this as soon as possible. The WordPress community takes security bugs seriously. We appreciate your efforts to responsibly disclose your findings, and will make every effort to acknowledge your contributions.
To report a security issue, please visit the WordPress HackerOne program.
If you encounter a security issue in the hosting documentation, we would like you to raise an issue in the hosting-handbook Github repository.