Patchstack pays a fixed bounty for high-value vulnerabilities.
$600 Unauthenticated access leading to a full site compromise
$300 Subscriber or Customer level access leading to a full site compromise
Members of the Bug Bounty program receive XP for their reports and are eligible for monthly cash rewards.
$2,000 Top ranking contributor
$1,400 Contributor ranking 2nd
$800 Contributor ranking 3rd
$600 Contributor ranking 4th
$500 Contributor ranking 5th
$400 Contributors ranking 6th to 10th
$200 Contributors ranking 11th to 15th
$100 Contributors ranking 16th to 19th
$50 Contributor ranking 20th
$50 One lucky pick
No active bounties by the developer
We would like to thank everyone who submits valid reports that help us improve the security of GTM Kit. However, only those that meet the following eligibility requirements may receive a monetary reward for vulnerabilities found in the GTM Kit source code.
You must be the first reporter of a vulnerability.
The vulnerability must be a qualifying vulnerability (see below).
Any vulnerability found must be reported no later than 24 hours after discovery and exclusively through patchstack.com.
You must avoid tests that could cause degradation or interruption of our service (refrain from using automated tools, and limit your requests per second). If you overdo it, your IP address might be throttled or even (temporarily) blocked to protect our infrastructure. See how.
Reports on vulnerabilities are examined by our security analysts. Our analysis is always based on worst-case exploitation and the business criticality of the vulnerability, as is the reward we pay.
Members of the Patchstack Bug Bounty program are eligible for monthly cash rewards.
Additional bounties can be paid out to Patchstack Bug Bounty members for findings that are beneficial to the community, particularly interesting or hard to find. Please read our full guidelines and terms before reporting.