What is Patchstack Alliance (formerly Red Team)?

Patchstack Alliance is a community of independent security researchers who contribute to a safer web. 

Alliance members identify and report security vulnerabilities in web application components (such as WordPress plugins) to help software vendors address security issues before they pose risk to users and to the public.

Report your first vulnerability to the Patchstack database and earn $50 USD​​

Patchstack database is a free and open security vulnerability database that covers all WordPress core and third-party plugin and theme vulnerabilities.

Everybody can contribute to the security of the WordPress ecosystem by new vulnerabilities to the database. 

We offer assistance with the triage process to make sure the author of the software will receive the information and has all the help to fix the vulnerability as fast as possible.

You are eligible for a $50 Amazon gift card if the following conditions are met:

• You haven’t submitted any vulnerabilities to Patchstack database before.
• The vulnerability is new, unique, and has not been published elsewhere.
• The vulnerability is in a WordPress plugin or a theme with more than 50,000 active installations.
• The CVSS score of the vulnerability is higher than 6.

Submit 3 vulnerabilities to claim your invitation to the Patchstack Alliance​

Patchstack Alliance community has access to a gamified bug bounty platform where top security researchers are paid cash prizes each month.

The platform is currently accessible for the selected few, but you can get your early access by submitting 3 unique vulnerabilities to the Patchstack Database.

Hope to see you at Patchstack Alliance!