Plugbounty - The Bug Bounty Platform for Plugins & Extensions
By: ded1cated
May 16, 2018
As a researcher, I've been doing responsible disclosures for some time, and for the last couple of years my focus has been on CMS security. There are so many plugins and extensions which usually can't be submitted to the bigger bug-bounty platforms, but the risk they could pose for hundreds of thousands of websites can often be insane.

Statistically, a common CMS-based website uses about 10 different plugins to provide its functionality. Plugins are being updated on a daily basis, and having an outdated and vulnerable plugin on the site is just a matter of time. The situation gets even worse when you look at the userbase behind these extensions/plugins. Some of them are powering functionality on hundreds of thousands of websites, which means just a single vulnerability in such a popular plugin can cause a lot of damage.

For example, TheHackerNews.

To tackle this issue, we are launching a platform dedicated to plugin, theme and extension developers who support the most popular platforms like WordPress, Joomla, Magento and PrestaShop, and also frameworks such as Laravel, Symfony, Django etc.

For hackers, there will be a new, exciting environment. Most of the projects are open-source and there will be a lot to choose from. We are also introducing prizes for top bounty-hunters.

You can sign up for early access here.