WP Engine

  • Points per vulnerability
  • Managed by Bugcrowd

Program stats

25 vulnerabilities rewarded

Validation within 2 days
75% of submissions are accepted or rejected within 2 days


Disclosure

Please note: This program does not allow disclosure. You may not release information about vulnerabilities found in this program to the public.

WP Engine invites you to test the WP Engine Digital Platform. WP Engine equips its customers with a suite of agility, performance, intelligence, and integration solutions, so you can build and deploy a range of online experiences from campaign sites to content hubs to ecommerce extensions. Good luck and happy hunting!


Ratings:

For the initial prioritization/rating of findings, this program will use the Bugcrowd Vulnerability Rating Taxonomy. However, it is important to note that in some cases a vulnerability priority will be modified due to its likelihood or impact. In any instance where an issue is downgraded, a full, detailed explanation will be provided to the researcher - along with the opportunity to appeal, and make a case for a higher priority.

Targets

In scope

Target name         Type
wpengine.com        Website
my.wpengine.com     Website
*.wpengine.io       Website
*.wpesvc.net        Website
*.studiopress.com   Website

Out of scope

Target name           Type
wpengine.com/contact/ Website

Testing is only authorized on the targets listed as In-Scope. Any domain/property of WP Engine not listed in the targets section is out of scope. This includes any/all subdomains not listed above. If you believe you've identified a vulnerability on a system outside the scope, please reach out to support@bugcrowd.com before submitting.


Target Info:

  • wpengine.com is the landing page for all WP Engine services. Most of this data is static, but there are a number of dynamic fields and functionalities that are available to be tested. Support, contact forms, and chat functionality are out-of-scope - specifically, the Sales Questions functionality and wpengine.com/contact/. No testing should be done against these targets or any 3rd party services.

  • my.wpengine.com controls authentication for WP Engine. No credentials will be provided. Researchers are free to test functionality that requires authentication with their own accounts. Please note: no reimbursements will be made for money spent to access this part of the application.

  • *.wpengine.io & *.wpesvc.net are apex domains used for microservices hosted as subdomains and for service-to-service APIs. These are not meant to be consumed by the public, but they run on public DNS. To aid in testing, we've provided some initial OSINT for these domains: https://crt.sh/?q=%25wpengine.io & https://crt.sh/?q=%25wpesvc.net

  • *.studiopress.com, in particular studiopress.com, www.studiopress.com, and my.studiopress.com, are public-facing marketing and WordPress theme e-commerce sites. No credentials will be provided. Researchers are free to test functionality that requires authentication with their own accounts. Please note: no reimbursements will be made for money spent to access this part of the application.

Researchers are welcome to test functionality behind the paywall, if they wish (that falls within the scope of this bounty). However, no reimbursements will be made for money spent to access this part of the application.


Out-of-Scope:

  • Denial of Service / Distributed Denial of Service attacks
  • Support, contact forms and chats are out-of-scope - specifically, the Sales Questions functionality and wpengine.com/contact/. No testing should be done against these targets or any 3rd party services.
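The scope rules above are easy to misread when a candidate list comes out of crt.sh: a wildcard target covers subdomains at any depth, a bare hostname like wpengine.com covers only that exact host (every unlisted subdomain is out of scope), and the path exclusion wpengine.com/contact/ overrides the in-scope entry for the same host. The following is an added example, not part of the Bugcrowd brief or WP Engine's tooling, of encoding those rules as a scope checker to run over candidate URLs before any testing. It assumes that "*." matches only subdomains (not the apex itself) and that a path rule is a prefix match; the sample URL list at the bottom is constructed.

```python
from urllib.parse import urlsplit

# Target tables copied from the brief. Assumption: "*." matches any depth of
# subdomain but not the apex; a bare hostname matches itself only.
IN_SCOPE = [
    "wpengine.com",
    "my.wpengine.com",
    "*.wpengine.io",
    "*.wpesvc.net",
    "*.studiopress.com",
]
OUT_OF_SCOPE = ["wpengine.com/contact/"]


def _host_matches(host: str, pattern: str) -> bool:
    """True if host is covered by a hostname pattern from the scope tables."""
    host = host.lower().rstrip(".")
    pattern = pattern.lower()
    if pattern.startswith("*."):
        # Wildcard: any subdomain of the suffix, at any depth, never the apex.
        return host.endswith("." + pattern[2:])
    # Exact host only; www.wpengine.com is NOT covered by "wpengine.com".
    return host == pattern


def _rule_matches(host: str, path: str, rule: str) -> bool:
    """Match a rule that may carry a path component (e.g. wpengine.com/contact/)."""
    rule_host, _, rule_path = rule.partition("/")
    if not _host_matches(host, rule_host):
        return False
    if not rule_path:
        return True
    # Prefix match on the path; "/contact" and "/contact/" both count.
    norm = path if path.endswith("/") else path + "/"
    return norm.startswith("/" + rule_path)


def in_scope(url: str) -> bool:
    """Return True only if the URL is covered by an in-scope entry and by no
    out-of-scope entry. Out-of-scope rules win, so the /contact/ exclusion
    removes that path even though wpengine.com itself is listed."""
    if "://" not in url:
        url = "https://" + url  # allow bare host/path strings as in the tables
    parts = urlsplit(url)
    host = parts.hostname or ""
    path = parts.path or "/"
    if any(_rule_matches(host, path, r) for r in OUT_OF_SCOPE):
        return False
    return any(_rule_matches(host, path, r) for r in IN_SCOPE)


def partition(urls):
    """Split a candidate list into (in_scope, out_of_scope) lists."""
    allowed = [u for u in urls if in_scope(u)]
    denied = [u for u in urls if not in_scope(u)]
    return allowed, denied


if __name__ == "__main__":
    # Constructed sample; not real certificate-transparency output.
    candidates = [
        "https://my.wpengine.com/login",
        "https://wpengine.com/pricing/",
        "https://wpengine.com/contact/",
        "https://blog.wpengine.com/",          # unlisted subdomain: out
        "https://api.internal.wpesvc.net/v1",  # nested wildcard match: in
        "https://wpengine.io/",                # apex of a wildcard: out (assumption)
        "https://notwpengine.com/",            # suffix look-alike: out
    ]
    ok, skip = partition(candidates)
    print("in scope:", *ok, sep="\n  ")
    print("out of scope:", *skip, sep="\n  ")
```

Because out-of-scope rules are checked first, adding a new exclusion never widens scope, and the exact-host rule means a crt.sh dump of `%wpengine.com` will mostly be rejected, which is what the brief intends.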

Program rules

This program follows Bugcrowd’s standard disclosure terms.

This program does not offer financial or point-based rewards for P5 — Informational findings. Learn more about Bugcrowd’s VRT.