Welcome to PlugBounty
Plugbounty is the first open-source component bug bounty platform. Earn money, compete with other hackers and make the web a safer place by finding security bugs among thousands of open-source components.
Get started See what we doOur advantages
Automatic Component Listing
There are thousands of open-source components such as WordPress plugins and PHP extensions (coming soon) that can be audited. Quickly find the most popular components with the widest attack surface that are automatically listed by Plugbounty.
Components are automatically listed
All information in one place
Wide range of components
Researchers Leaderboard
Receive research score for every bug you find. Researchers will be ranked based on the research score on monthly and weekly leaderboard.
Gain exposure as security researcher
Create your portfolio of research
Give back to the security community
Earn from the findings
Wether or not a vendor reacts on your findings, Plugbounty team will review the report and you will get the research score. Every month, a fixed budget will be paid out to top researchers on the leaderboard.
Top 5 researchers will receive prizes every month
Vendors can pay suggested tip based on the report
Reported on Plugbounty
Sign up now
Discover the bugs and vulnerabilities before the bad guys do1
Protect your reputation and gain trust in community2
Involve top security researchers to your product development3
Sign up as a developerSign up now
There are a huge number of plugins and extensions listed1
Code in mostly public and it’s easier to find bugs and vulnerabilities2
Monthly prizes by PlugBounty for top hackers3
Sign up as a hackerCopyright © 2021 PlugBounty.
All rights reserved.