• For security issues with high-impacts (e.g. related to payments or user permission), we support 3.8.x and all 4.x version. But the fix for 4.x will released only in latest sub-version.
• For all other security issues, we mainly support version >= 4.x (in which x is the latest stable sub-version).

Please send the details about the security issue to [email protected]. Once the vulnerability is comfirmed or fixed, you will get updates from the email thread.

We will reward you with bounty/swag for success submission of securty issues.