Bug bounty

A bug bounty for security flaws is hosted on YesWeHack platform.

The program is currently paused. Please report security issues to [email protected] instead. This email address allows to report security issues of the PrestaShop project, but it is not part of a bug bounty program.

Visit the Bug Bounty page

This bounty program covers code from the GitHub repository PrestaShop/PrestaShop and all PrestaShop modules defined in the composer.json file.

Informations about qualifying and non-qualifying vulnerabilities can be read on the bug bounty page.