We do our best at TaxoPress to solve all security issues. We aim to develop, test, release and announce patches as quickly as possible after issues have been discovered.
Full details are available to customers and other trusted parties on request.
If you have discovered a vulnerability in TaxoPress, we want to hear from you as soon as possible.
Please gather as much information together as you can so we can work quickly to address it. Here’s a checklist of the details we’d like to see.
If you are a customer please open a support ticket as soon as possible and make it clear in the subject that your are reporting a security vulnerability.
If you are not a customer send all the details to [email protected]
We’ll acknowledge receipt as soon as we’ve read it. If confirmed we’ll plan a patch and let you know when we plan to release it.
Sometimes security researchers have contacted us to disclose a security vulnerability. In these cases, it’s understandable that the researcher might want to publish details of the discovery themselves.
We do expect researchers to respect the principles of responsible disclosure and to work with us to coordinate the content and timing of the public disclosure so customers are given a reasonable opportunity to update their sites.