mirror of
git://develop.git.wordpress.org/
synced 2025-02-25 00:52:55 +01:00
70054b77af
Update the security policy displayed on GitHub, `SECURITY.md`, to refer visitors to the [https://hackerone.com/wordpress HackerOne WordPress program] for the full policy. This allows the project to maintain a single source of truth and avoid the potential for conflicting information across the two sites. Props desrosj, hellofromTonya, costdev. Fixes #57937. git-svn-id: https://develop.svn.wordpress.org/trunk@55670 602fd350-edb4-49c9-b593-d223f7449a82
40 lines
1.4 KiB
Markdown
40 lines
1.4 KiB
Markdown
# Security Policy
|
|
|
|
WordPress is an open-source publishing platform. The WordPress Security Team believes in Responsible Disclosure by alerting the security team immediately and privately of any potential vulnerabilities.
|
|
|
|
Our HackerOne program covers the Core software, as well as a variety of related projects and infrastructure.
|
|
|
|
Full details of the WordPress Security Policy and the list of covered projects and infrastructure can be found on [HackerOne](https://hackerone.com/wordpress). You can also read more in a detailed white paper about [WordPress Security](https://wordpress.org/about/security/).
|
|
|
|
## Supported Versions
|
|
|
|
| Version | Supported |
|
|
| ------- | --------- |
|
|
| 6.2.x | Yes |
|
|
| 6.1.x | Yes |
|
|
| 6.0.x | Yes |
|
|
| 5.9.x | Yes |
|
|
| 5.8.x | Yes |
|
|
| 5.7.x | Yes |
|
|
| 5.6.x | Yes |
|
|
| 5.5.x | Yes |
|
|
| 5.4.x | Yes |
|
|
| 5.3.x | Yes |
|
|
| 5.2.x | Yes |
|
|
| 5.1.x | Yes |
|
|
| 5.0.x | Yes |
|
|
| 4.9.x | Yes |
|
|
| 4.8.x | Yes |
|
|
| 4.7.x | Yes |
|
|
| 4.6.x | Yes |
|
|
| 4.5.x | Yes |
|
|
| 4.4.x | Yes |
|
|
| 4.3.x | Yes |
|
|
| 4.2.x | Yes |
|
|
| 4.1.x | Yes |
|
|
| < 4.1.0 | No |
|
|
|
|
## Reporting a Vulnerability
|
|
|
|
Security issues must be submitted via [HackerOne](https://hackerone.com/wordpress) and it is recommended you read the full policy document before submitting your report.
|