Welcome to PlugBounty
The open-source component bug hunting platform (beta)
Plugbounty is the first open-source component bug bounty platform. Earn money, compete with other hackers and make the web a safer place by finding security bugs among thousands of open-source components.
Get started See what we doHow does it work?
Our advantages
Automatic Component Listing
Thousands of Components
There are thousands of open-source components such as WordPress plugins and PHP extensions (coming soon) that can be audited. Quickly find the most popular components with the widest attack surface that are automatically listed by Plugbounty.
Components are automatically listed
All information in one place
Wide range of components
Researchers Leaderboard
Community of hackers
Receive research score for every bug you find. Researchers will be ranked based on the research score on monthly and weekly leaderboard.
Gain exposure as security researcher
Create your portfolio of research
Give back to the security community
Earn from the findings
Monthly Prizes
Wether or not a vendor reacts on your findings, Plugbounty team will review the report and you will get the research score. Every month, a fixed budget will be paid out to top researchers on the leaderboard.
Top 5 researchers will receive prizes every month
Vendors can pay suggested tip based on the report
Last published reports
Reported on Plugbounty
Sign up now
For developers
Discover the bugs and vulnerabilities before the bad guys do1
Protect your reputation and gain trust in community2
Involve top security researchers to your product development3
Sign up as a developerSign up now
For hackers
There are a huge number of plugins and extensions listed1
Code in mostly public and it’s easier to find bugs and vulnerabilities2
Monthly prizes by PlugBounty for top hackers3
Sign up as a hacker
Copyright © 2022 PlugBounty.
All rights reserved.