Security researchers play an important part in helping keep our product secure.
Our Security Bounty Program is our way to reward security researchers for finding and reporting security vulnerabilities to us.
The WHMCS Security Bounty Program is managed through Bugcrowd. Please report any vulnerabilities via our Bugcrowd page.
The WHMCS Security Bounty Program is managed through Bugcrowd. Please report any vulnerabilities through our Bugcrowd page.
If you have identified a vulnerability, you must report it responsibly via our bounty program to be eligible for a reward. Not every report may qualify for a reward.
Note: Vulnerability reports submitted regarding third party applications are communicated to the proper party and WHMCS works with these parties to coordinate a fix wherever possible.
We would like to thank the following individuals, researchers and firms who have helped make WHMCS better through responsible disclosure.
Visit our Bugcrowd page to report an issue.Report an Issue