Skip to main content

Security Vulnerability Disclosure

At Solspace, we take the security of our software seriously. We greatly appreciate security researchers and users who responsibly report vulnerabilities so they can be addressed quickly.

If you believe you have discovered a security vulnerability in one of our products (such as Freeform or our other plugins), please let us know so we can investigate and resolve the issue.

Reporting a Vulnerability

Please report vulnerabilities by emailing support@solspace.com

To help us investigate the issue efficiently, please include as much of the following information as possible:

  • A description of the vulnerability
  • Steps to reproduce the issue
  • A proof-of-concept (if available)
  • The affected product and version
  • Any relevant screenshots, logs, or code samples

Responsible Disclosure Guidelines

When reporting vulnerabilities, we ask that you:

  • Provide us with a reasonable amount of time to investigate and fix the issue before publicly disclosing it.
  • Avoid accessing or modifying data that does not belong to you.
  • Avoid actions that could negatively impact the availability or stability of our services or software.

Safe Harbor

We will not pursue legal action against security researchers who report vulnerabilities in good faith and follow the guidelines outlined in this policy.

Rewards

Solspace does not currently operate a formal bug bounty program and cannot guarantee monetary rewards. However, we may offer discretionary rewards (such as free plugin licenses or other recognition) for valid vulnerabilities that are responsibly disclosed.

Recognition

With your permission, we may acknowledge your contribution in release notes or security advisories once the issue has been resolved.

Thank you for helping us keep our software and users safe.

Page Feedback