mirror of
git://develop.git.wordpress.org/
synced 2025-01-17 21:08:44 +01:00
70054b77af
Update the security policy displayed on GitHub, `SECURITY.md`, to refer visitors to the [https://hackerone.com/wordpress HackerOne WordPress program] for the full policy. This allows the project to maintain a single source of truth and avoid the potential for conflicting information across the two sites. Props desrosj, hellofromTonya, costdev. Fixes #57937. git-svn-id: https://develop.svn.wordpress.org/trunk@55670 602fd350-edb4-49c9-b593-d223f7449a82
1.4 KiB
1.4 KiB
Security Policy
WordPress is an open-source publishing platform. The WordPress Security Team believes in Responsible Disclosure by alerting the security team immediately and privately of any potential vulnerabilities.
Our HackerOne program covers the Core software, as well as a variety of related projects and infrastructure.
Full details of the WordPress Security Policy and the list of covered projects and infrastructure can be found on HackerOne. You can also read more in a detailed white paper about WordPress Security.
Supported Versions
| Version | Supported |
|---|---|
| 6.2.x | Yes |
| 6.1.x | Yes |
| 6.0.x | Yes |
| 5.9.x | Yes |
| 5.8.x | Yes |
| 5.7.x | Yes |
| 5.6.x | Yes |
| 5.5.x | Yes |
| 5.4.x | Yes |
| 5.3.x | Yes |
| 5.2.x | Yes |
| 5.1.x | Yes |
| 5.0.x | Yes |
| 4.9.x | Yes |
| 4.8.x | Yes |
| 4.7.x | Yes |
| 4.6.x | Yes |
| 4.5.x | Yes |
| 4.4.x | Yes |
| 4.3.x | Yes |
| 4.2.x | Yes |
| 4.1.x | Yes |
| < 4.1.0 | No |
Reporting a Vulnerability
Security issues must be submitted via HackerOne and it is recommended you read the full policy document before submitting your report.