Reporting Channel
Send reports to support@wmtan.com with a clear subject such as Security Report or Vulnerability Report. Do not include sensitive personal data unless necessary.
Policy
Responsible Disclosure
WMTAN accepts security vulnerability and safety-risk reports through official support channels for review and response based on severity.
What To Include
Reports should include the affected product, issue description, reproduction steps, expected impact, and contact information so WMTAN can respond.
Acceptable Testing
Only test accounts and data you own or are authorized to use. Do not access, change, download, or disrupt other users' data.
Do Not
Do not exploit beyond scope, run disruptive scanning, distribute malware, extort, disclose issues before WMTAN has time to respond, or violate the law.
Response
WMTAN will classify reports by risk, verify reproducibility, and prioritize remediation based on impact to users or systems.
Reporting Principles
- Report in good faith and provide enough technical detail for review.
- Do not access or disclose other users' data.
- Do not disrupt services or create risk for users.
- Do not demand a bounty, payment, or benefit in exchange for withholding disclosure.