From 30a4d4f67bd01ba44d65d5a4b5ede80568d43de6 Mon Sep 17 00:00:00 2001
From: Britt Hackemack <31543626+bhackemackwpe@users.noreply.github.com>
Date: Wed, 27 May 2026 14:06:36 -0500
Subject: [PATCH 1/2] [SEC-179973] Update SECURITY.md

---
 SECURITY.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/SECURITY.md b/SECURITY.md
index f3d74282..d137b9a5 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -5,7 +5,7 @@ of the open-source code repositories managed through our
 [WP Engine organization](https://github.com/wpengine).
 
 ## Reporting Security Issues
-If you believe you have found a security vulnerability in any WP Engine-owned repository, please report it to us via email at [opensource@wpengine.com](mailto:opensource@wpengine.com?subject=HWPToolkit%20Security%20Vulnerability)
+If you believe you have found a security vulnerability in any WP Engine-owned repository, please report it to us via our [Bug Bounty program](https://wpeng.in/bugbounty/) or email to security@wpengine.com.
 
 **Please do not report security vulnerabilities through public GitHub issues,
 discussions, or pull requests.**

From 97c0918d4ded6ad043dd288960cc91b2b699c6b1 Mon Sep 17 00:00:00 2001
From: Britt Hackemack <31543626+bhackemackwpe@users.noreply.github.com>
Date: Wed, 27 May 2026 14:07:30 -0500
Subject: [PATCH 2/2] Update CONTRIBUTING.md

---
 CONTRIBUTING.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 2b1ee7be..94695817 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -33,7 +33,7 @@ Example:
 You'll eventually come across a bug or a missing feature. Reporting it will not just help you to seek a solution for your project, it will help other community members to avoid potential roadblocks. It will also help us to detect issues early on and improve the hwptoolkit.
 
 > [!CAUTION]
-> Use [GitHub issues](https://github.com/wpengine/hwptoolkit/issues) for non-security related bugs only. To avoid the exposure of the potential vulnerabilities, please report security related issues to us via email at opensource@wpengine.com.
+> Use [GitHub issues](https://github.com/wpengine/hwptoolkit/issues) for non-security related bugs only. To avoid the exposure of the potential vulnerabilities, please report security related issues to us via our [Bug Bounty program](https://wpeng.in/bugbounty/) or email to security@wpengine.com.
 
 A usual bug reporting/feature suggesting workflow should look like this: