Do not publish sensitive vulnerability details in a public issue. Use the private channel configured by the site owner.
No private security intake URL is configured. Configure one under Settings → MiRust before public launch.
Scope
Reports may cover the MiRust WordPress theme, MiRust Core plugin, site configuration, structured content handling, or an official repository once configured.
What to include
- Affected version and URL.
- Reproduction steps and impact.
- Whether credentials or personal data are involved.
- A safe method for follow-up.