If you discover a security vulnerability in Awesome Cordova Plugins, please report it responsibly.
Do not open a public GitHub issue for security vulnerabilities.
Instead, please send an email to the maintainer or use GitHub's private vulnerability reporting.
- Description of the vulnerability
- Steps to reproduce
- Affected versions
- Potential impact
You can expect an initial response within 72 hours. We will work with you to understand the issue and coordinate a fix before any public disclosure.
This policy covers the @awesome-cordova-plugins/* TypeScript wrapper packages. For vulnerabilities in the underlying Cordova plugins themselves, please report to the respective plugin maintainers.
Only the latest major version receives security updates.