Only the latest stable release receives security fixes.
| Version | Supported |
|---|---|
| 3.x (latest) | Yes |
| 2.x | No |
| 1.x | No |
Please do not open a public GitHub issue for security vulnerabilities.
Report security issues by emailing support@kwtsms.com with:
- A clear description of the vulnerability
- Steps to reproduce
- Affected versions
- Any proof-of-concept code (if available)
You will receive a response within 48 hours. If the issue is confirmed, a fix will be released as soon as possible, typically within 7 days for critical issues.
This policy covers the wp-kwtsms WordPress plugin. Out of scope: third-party dependencies, the kwtsms API itself, and WordPress core.
Once a fix is released, the vulnerability will be disclosed in the GitHub release notes with credit to the reporter (unless anonymity is requested).