Skip to content
TaxoPress
  • TaxoPress
  • Tag Groups
  • Docs
  • Blog
  • Support
  • Login
Buy Now
TaxoPress

TaxoPress Accounts and License Keys

  • TaxoPress License Keys and Multisite Networks
  • TaxoPress Pro License Keys and Local Environments
  • TaxoPress Refund Policy

Security

  • Automated Security Checks, including Checkmarx
  • Security Issues and How to Report Them
  • Home
  • TaxoPress Documentation
  • General TaxoPress.com Questions
  • Security
  • Security Issues and How to Report Them

Security Issues and How to Report Them

Table of Contents
  • How to report a security issue
  • Responsible disclosure of issues

We do our best at TaxoPress to solve all security issues. We aim to develop, test, release and announce patches as quickly as possible after issues have been discovered.

Full details are available to customers and other trusted parties on request.


How to report a security issue #

If you have discovered a vulnerability in TaxoPress, we want to hear from you as soon as possible.

Please gather as much information together as you can so we can work quickly to address it. Here’s a checklist of the details we’d like to see.

  1. Severity (high, medium, low)
  2. Vulnerability type: e.g., DoS, Overflow, XSS, CSRF, etc
  3. Exploitation Requires Authentication?: yes/no
  4. Which plugin is vulnerable and which version numbers.
  5. A description of the vulnerability
  6. Do you have reason to believe the vulnerability is being exploited?
  7. Are details of an exploit publicly available? If so, please provide us with a URL.
  8. What is the potential impact? How do you envisage it being used in an attack scenario?
  9. DREAD score, if known.
  10. CVE Identifier / Reference / Advisory Number, if applicable.
  11. If you wish to be credited for the responsible disclosure in the release announcement and the change log, please let us know. If you plan to disclose details of the vulnerability, please do let us know so we can coordinate the timing of the disclosure together.
  12. Any additional comments.

If you are a customer please open a support ticket as soon as possible and make it clear in the subject that your are reporting a security vulnerability.

If you are not a customer, send all the details to [email protected].

We’ll acknowledge receipt as soon as we’ve read it. If confirmed we’ll plan a patch and let you know when we plan to release it.


Responsible disclosure of issues #

Sometimes security researchers have contacted us to disclose a security vulnerability. In these cases, it’s understandable that the researcher might want to publish details of the discovery themselves.

We do expect researchers to respect the principles of responsible disclosure and to work with us to coordinate the content and timing of the public disclosure so customers are given a reasonable opportunity to update their sites.

Automated Security Checks, including Checkmarx
Table of Contents
  • How to report a security issue
  • Responsible disclosure of issues

Recent Posts

  • The Tag Groups Plugin is Live Here on TaxoPress March 1, 2023
  • How to Show WordPress Posts With a Specific Taxonomy Term November 11, 2022
  • How to Use the Site Editor to Design WordPress Taxonomy Archives November 9, 2022
  • What Characters Are Allowed in WordPress Taxonomy Terms? October 26, 2022
  • The Tag Groups Plugin is Now Part of TaxoPress October 14, 2022

Testimonials

I had a support issue and the response was same day. I find the plugin extremely fast and easy to implement.

stevenmayjr

Simply the best tags plugin for WordPress. The support is great, the developer very friendly and the plugin is very powerful with unlimited functionality and possibilities. Congratulations!

salvia49

Important Links

  • TaxoPress Demos
  • Frequently Asked Questions
  • About the TaxoPress Team
  • Terms of Service
  • TaxoPress Affiliates
  • Logo and Brand Materials

Our Projects

  • PublishPress
  • MetaSlider
  • KinshiPress
  • Ramble Ventures
  • Logtivity

© 2023 TaxoPress

Facebook Twitter
Scroll to top
  • TaxoPress
  • Tag Groups
  • Docs
  • Blog
  • Support
Search