If you discover a security vulnerability in WP Agentic Admin, please report it responsibly.
Do NOT open a public GitHub issue for security vulnerabilities.
Instead, please email: security@pluginslab.com
You should receive a response within 48 hours. We will work with you to understand the issue and coordinate a fix before any public disclosure.
This policy covers the WP Agentic Admin WordPress plugin, including:
- PHP backend code (REST API endpoints, abilities, settings)
- JavaScript frontend code (React components, service worker, chat interface)
- The Abilities API and third-party integration surface
- The WebLLM library and its dependencies (report upstream)
- The Qwen models themselves (report to the model authors)
- WordPress core vulnerabilities (report to WordPress security team)
| Version | Supported |
|---|---|
| Latest release | Yes |
| Older releases | No |
We recommend always running the latest version.