We seriously take care about any security issues found in phpMyFAQ or bundled components. If you’ve discovered a security vulnerability in phpMyFAQ, we appreciate your help in disclosing it to us in a responsible manner.
| Version | Supported | Active development |
|---|---|---|
| 3.2.x | ✓ | 2022 - |
| 3.1.x | ✓ | 2022 - |
| 3.0.x | ✓ | 2020 - 2022 |
| < 2.9 | ✗ | 2001 - 2019 |
Publicly disclosing a vulnerability can put the entire community at risk. If you’ve discovered a security concern, please email us at [email protected]. We’ll work with you to make sure that we understand the scope of the issue, and that we fully address your concern. We consider correspondence sent to [email protected] our highest priority, and work to address any issues that arise as quickly as possible.
Another option if you discover a security vulnerability in phpMyFAQ please disclose it via our huntr page. Bounty eligibility, CVE assignment, response times and past reports are all there.
Please act in good faith towards our users’ privacy and data during your disclosure. We won’t take legal action against you or administrative action against your account if you act accordingly: White hat researchers are always appreciated.
Thank you for improving the security of phpMyFAQ.
Copyright © 2001 - 2022 Thorsten Rinne and the phpMyFAQ Team