At Melapress, we take security very seriously. We are committed to ensuring that all our WordPress plugins are built securely and well-maintained. Whether you’re using WP 2FA, WP Activity Log, or any of our other plugins, you can trust that we follow industry best practices when developing the plugins.
Reporting Vulnerabilities in our plugins
If you discover a potential security issue or vulnerability in one of our plugins, we want to hear from you! Security is a collaborative effort, and we welcome the contributions of ethical hackers and researchers who can help us make our products even more secure.
To report a vulnerability, please use our Vulnerability Disclosure Program (VDP) through Patchstack. This ensures that your report reaches our team promptly and can be addressed in a responsible and timely manner. You can submit your findings using this vulnerability form.
We ask that you:
- Provide detailed information about the issue, including steps to reproduce it.
- Allow us reasonable time to investigate and fix the vulnerability before publicly disclosing it.
By following responsible disclosure practices, you’re helping us protect our users and their websites.
Our Commitment to Security Best Practices
We actively monitor and maintain our plugins to ensure they are up to date with the latest security standards. We follow specific coding guidelines and regularly review the plugins for potential security issues. Here’s what you can expect from us:
- Regular Updates: Our plugins are regularly updated to address known vulnerabilities and improve overall performance.
- Proactive Monitoring: We constantly monitor security advisories and implement patches as needed to keep our products secure.
- Collaborative Efforts: We partner with security experts and platforms like Patchstack to stay on top of the latest security threats and quickly address any issues.
Your Role in Keeping Websites Secure
While we do our best to secure our plugins, website security is a shared responsibility. We recommend that all website owners and administrators take the following precautions:
- Keep your WordPress installation, themes, and plugins updated.
- Enable strong user authentication practices, such as two-factor authentication (2FA).
- Implement strong login security policies.
- Regularly back up your website to avoid data loss in case of an attack.
Thank You for Your Support
We appreciate your trust in Melapress and our plugins. Together, we can make the WordPress ecosystem safer for everyone. If you have any questions or concerns about security, please don’t hesitate to reach out to us directly at security@melapress.com.