On behalf of thousands of users and the entire team here at Paddle, we'd like to thank the security researchers who have participated in our vulnerability disclosure program and helped make our products and applications more secure.
Researcher | Vulnerability | Date |
|---|---|---|
Content injection | October 2024 | |
Subdomain takeover | January 2024 | |
Broken link hijacking | November 2023 | |
Rate limiting | October 2022 | |
Session management | June 2022 | |
Inconsistent application of password policy | June 2022 | |
Inconsistent application of password policy | May 2022 | |
Content injection | May 2022 |
You can learn more about our policy and submit a report at the links below.
Read the policy Submit a report
Paddle Billing
ProfitWell Metrics