# Security Policy

## How can I report a security bug?

[You can report security bugs through the official User Switching Vulnerability Disclosure Program on Patchstack](https://patchstack.com/database/vdp/user-switching). The Patchstack team helps validate, triage, and handle any security vulnerabilities.

Do not report security issues on GitHub or the WordPress.org support forums. Thank you.