Managed VDP & security auditing for WordPress plugins

Get professional plugin security auditing and streamline your security bug reporting with a managed vulnerability disclosure program (mVDP)

Managed VDP

Handle security vulnerabilities in a professional manner and make your software more trustworthy.
Get started for free
Dedicated VDP page for the plugin
Prepared template for disclosure policy
Report validation by Patchstack
Reports eligible for Patchstack bounties
Trust badge that links to VDP page

Complete security audit

Ask for quote
Have your plugins code-reviewed and thoroughly audited by our in-house security researchers.
Request quote
Full project code-review
OWASP top 10 vulnerability audit
WordPress specific security checks
In-depth security report with recommended improvements and fixes
Patch validation to make sure every issue is properly addressed
Free Managed VDP for 1 year (for premium plugins)

Why should every WordPress plugin have an mVDP?

Streamline all security bug reports through one channel

Easily manage security bugs through a single channel and never miss a security bug report due to spam filters or broken contact forms.

Receive full details to patch security issues faster

Reporters follow responsible disclosure guidelines with a clear and ethical framework which saves valuable time to publish a fix and minimise harm.

Professional team of security experts help validate fixes

Receive assistance from the Patchstack Alliance team and reporting researcher to patch security vulnerabilities to minimise harmful outcome.

Show the community and ecosystem you’re serious about security

Make your plugin more attractive and trustworthy with the Patchstack badge and show security is managed in a professional manner.

Take the security of your software to the next level

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Group 7
Looks like your browser is blocking our support chat widget. Turn off adblockers and reload the page.