Western Union

  • $100 – $5,000 per vulnerability
  • Partial safe harbor
  • Managed by Bugcrowd

Program stats

415 vulnerabilities rewarded

Validation within 3 days
75% of submissions are accepted or rejected within 3 days

$111.11 average payout (last 3 months)

Latest hall of famers

Recently joined this program

1758 total

Disclosure

Please note: This program does not allow disclosure. You may not release information about vulnerabilities found in this program to the public.

Western Union is a financial services and communications company based in the United States.

In general, Western Union adheres to the Bugcrowd Vulnerability Rating Taxonomy for the prioritization of findings, but they do reserve the right to alter priority on a case-by-case basis. Any submission where the priority is altered will be accompanied by an explanation from the Western Union team.

Note on special domains: The following transaction/core domains below will have higher rewards due to their sensitivity:

  • https://www.westernunion.com
  • https://ebanking.westernunionbank.com
  • payee.globalpay.westernunion.com
  • partnernet.westernunion.com

Scope and rewards

Program rules

This program follows Bugcrowd’s standard disclosure terms.

This program does not offer financial or point-based rewards for P5 — Informational findings. Learn more about Bugcrowd’s VRT.