If you discover a security issue in this repository, please do not open a public GitHub issue with exploit details.
Instead:
- Contact the maintainer privately through GitHub.
- Include a clear description of the issue, affected files, and reproduction steps.
- If possible, suggest a fix or mitigation.
This project includes:
- A WordPress plugin bootstrap and source code under
src/ - AWS infrastructure templates under
infrastructure/
When reporting a vulnerability, please specify whether it affects:
- WordPress admin access or capability checks
- Secret handling or encryption
- AJAX endpoints or nonce validation
- AWS IAM, EC2, or security group configuration
- Never commit AWS credentials, decrypted passwords, or private keys.
- Treat generated key material under
infrastructure/keypairs/as sensitive. - Review the git history and working tree before publishing changes.