In order to abide by our policy, vulnerabilities must be disclosed privately and provide us reasonable time to respond to avoid compromise of security. We do not reward spam or social engineered vulnerabilities, neither do we reward vulnerabilities that have been disclosed publicly. Third-party applications such as the ones we use to test our BETA applications are not incorporated into this bounty programme.
Terms & Conditions:
- The first person to report and disclose a bug will be rewarded.
- Publicly disclosed bugs will not be rewarded
- The reward amounts may increase and decrease, this is at our discretion.
- We may cancel the programme at anytime.
- Your testing must not violate any laws.
- Due to legal restrictions, we cannot and will not reward residents of countries under current U.S. sanctions (including North Korea, Libya, Cuba).
If you believe you have discovered a bug or vulnerability in Plutus.it, please contact us right away at security@plutus.it