At Plusgrade, we take cyber security and privacy seriously, however we realize that no technology is perfect. We are committed to protecting the data we receive from our partners and the personal data within our remit, which is why we offer a vulnerability disclosure program. We believe that working with skilled security researchers across the globe is crucial in identifying weaknesses in any technology. We care about information security, and we're ready to work with security researchers to improve the security of our services. Plusgrade believes that ethical security research performed in good-faith provides an invaluable public service.

We are excited for you to participate as a security researcher to help us identify vulnerabilities in our web applications.

Plusgrade has partnered with Bugcrowd to manage the vulnerability disclosure program. Vulnerabilities submitted to the program will be triaged, assessed and rated according to the Bugcrowd Vulnerability Rating Taxonomy. Researchers must also follow Bugcrowd’s standard disclosure terms.

The Plusgrade program does not allow for public disclosure and researchers may not release information about vulnerabilities found in this program to the public.

The Plusgrade vulnerability program can be accessed on Bugcrowd by following the link: bugcrowd.com/plusgrade-vdp-pro

Good luck, and happy hunting!