• $50 – $2,500 per vulnerability

Reward bonuses for MLI BOPIS APIs

Hello everyone,

Hope you are having a great start to your 2023!!

We are pleased to announce BigCommerce is now offering bonuses starting as of now and will end on March 14th 5pm PST! Through out this period, the first three researchers to submit a P1 in below mentioned scope will receive a BONUS 1500$ on top of the original bounty.

Below are the bonus details:

Priority/Bonus Qualifications Previous Reward Range New Reward Range
P1 on below defined scope $1500-2500 $3000-$4000

In Scope:

The following document talks about various APIs that are being powered (has to be your store)
Refer to the following article

Within your admin panel (store-<hash> the following URL paths that are impacted by the above APIs are in scope:

Out of Scope:

Vulnerabilities that occurs because of custom checkout or theme (this is the merchant’s responsibility).

Any other vulnerabilities reported do not include the bonus program.

Note, bonuses are subject to change. If you have any questions, please reach out to

Good luck and Happy hunting