Main meniu
Main meniu
Main meniu
Je ne pense pas que la qualité du site Web sera bonne

Vous pouvez parcourir notre site Internet en français, ou continuer en anglais, en cliquant ci-dessous. Nous vous demanderons également de répondre à quelques questions pour nous aider à améliorer votre expérience.

Continue in english
Continuer en français
Why did you choose English?

We’d like to understand why the local language is not a good fit for you.

Why are you switching back to English?

We’d like to understand why the local language was not a good fit for you.

Vous quittez les pages de notre site web traduites en français

Comment trouvez-vous notre site en français ?

Bug Bounty disclosure program

Omnisend looks forward to working with the security community to find security vulnerabilities to keep our business and customers safe. If you believe you've found a security issue, we encourage you to notify us.

Program
rules

  • Please provide detailed reports with reproducible steps. If the report is not detailed enough to reproduce the issue, the issue will not be eligible for a reward.

  • Submit one vulnerability per report unless you need to chain vulnerabilities to provide impact.

  • When duplicates occur or known vulnerabilities, we only award the first report received (provided that it can be fully reproduced).

  • Multiple vulnerabilities caused by the same underlying issue will be awarded one payout.

  • Make a good faith effort to avoid privacy violations, destruction of data, and interruption or degradation of our services.

  • Test vulnerabilities only on accounts you own or have explicit permission from the account holder.

  • Report Wordpress plugin vulnerabilities to Patchstack.

Scope

Web application

app.omnisend.com

Marketing site

omnisend.com

Wordpress plugins

profiles.wordpress.org/omnisend/#content-plugins

App Market

appmarket.omnisend.com

Developer Center

developers.omnisend.com

API endpoint

api.omnisend.com

Partner portal

partners.omnisend.com

Out-of-Scope vulnerabilities

When reporting vulnerabilities, please consider the attack scenario (exploitability) and the security impact of the bug. The following issues are considered out of scope:

Phishing

Social engineering

Any form of denial of service attack

Known and planned fixes: Missing CSRF tokens

Contact

Please contact us at