Found a vulnerability?

If you found a vulnerability in our website or any related services, you can report it to

Before posting, please consider the following:

  • We may offer a symbolic non-negotiable bounty of $50 (we’re a small company, not a corporation). Payable via PayPal only.
  • We will consider only new reports for bounty, i.e. those that haven’t been reported before by someone else, regardless whether a fix is or isn’t already in place.
  • We may reject the report if we consider it not to be proportional to the importance of the service in question.
  • We may ask for additional information, proof-of-concept, and/or fix verification before paying out the bounty.