Merge pull request #1353 from 10up/add/patchstack-faq

Add patchstack faq to readmes

Author: jeffpaul

README.md

@@ -103,10 +103,6 @@ You can navigate to the `Posts` > `All Posts` table list view to see all content
 
 <img src="/.github/screenshots/screenshot-8.png" alt="All Posts screen showing Distributor links for pushed and pulled content" width="300">
 
-## Support Level
-
-**Active:** 10up is actively working on this, and we expect to continue work for the foreseeable future including keeping tested up to the most recent version of WordPress.  Bug reports, feature requests, questions, and pull requests are welcome.
-
 ## Known Caveats/Issues
 
 ### Remote Request Timeouts
@@ -175,6 +171,16 @@ Oftentimes the communication Distributor attempts to make across sites using the
 
 See [Distributor Developer Documentation](https://10up.github.io/distributor/#developers).
 
+## Frequently Asked Questions
+
+### Where do I report security bugs found in this plugin?
+
+Please report security bugs found in the source code of the undefined plugin through the [Patchstack Vulnerability Disclosure  Program](https://patchstack.com/database/vdp/2198169c-4564-4fae-bc07-9e737721a9b2).  The Patchstack team will assist you with verification, CVE assignment, and notify the developers of this plugin.
+
+## Support Level
+
+**Active:** 10up is actively working on this, and we expect to continue work for the foreseeable future including keeping tested up to the most recent version of WordPress.  Bug reports, feature requests, questions, and pull requests are welcome.
+
 ## Changelog
 
 A complete listing of all notable changes to Distributor are documented in [CHANGELOG.md](https://github.com/10up/distributor/blob/develop/CHANGELOG.md).

readme.txt

@@ -14,14 +14,14 @@ Distributor makes it easy to distribute and reuse content across your websites 
 
 _Note:_ The latest stable version of the plugin is the _stable_ branch. [Download the stable branch]((https://github.com/10up/distributor/archive/stable.zip)) if you are intending to use the plugin in a Production environment.
 
-**Features**
+== Features ==
 
 * Distributor supports safe, SEO-friendly content reuse and sharing via "pushing" and "pulling".
 * While logged in and editing or viewing any single post (or custom post type) that can be distributed, a `Distributor` admin bar item will appear, that will facilitate sharing ("pushing") that content to any `connection`.
 * In the admin dashboard, a top level Distributor menu item links to the "pull" screen. Here, editors can share ("pull") content from any `connection` into the current site.
 * Content this is distributed (via Push or Pull) is connected to the original. Reposted content receives updates from the original, canonical source automatically.
 
-**Connections**
+== Connections ==
 
 There are two connection types: `internal` and `external`.
 
@@ -30,6 +30,12 @@ There are two connection types: `internal` and `external`.
 * External connections require HTTP Basic Authentication or [WordPress.com OAuth2](https://developer.wordpress.com/docs/oauth2/) (must be on VIP) be set up on the remote website. For Basic Auth, we recommend the [Application Passwords](https://make.wordpress.org/core/2020/11/05/application-passwords-integration-guide/#Getting-Credentials) feature built in to WordPress.
 * For external connections, Distributor needs to be installed on BOTH sides of the connection.
 
+== Frequently Asked Questions ==
+
+= Where do I report security bugs found in this plugin? =
+
+Please report security bugs found in the source code of the undefined plugin through the [Patchstack Vulnerability Disclosure  Program](https://patchstack.com/database/vdp/2198169c-4564-4fae-bc07-9e737721a9b2).  The Patchstack team will assist you with verification, CVE assignment, and notify the developers of this plugin.
+
 == Upgrade Notice ==
 
 = 2.2.0 =