[CMSP-480] mVDP Readme Update (#349)

* adds Patchstack info to readme(s) * update changelog
pantheon-systems · Nov 27, 2023 · 13dc06b · 13dc06b
1 parent 5ca7ac4
commit 13dc06b
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 0 deletions.
diff --git a/README.md b/README.md
@@ -229,6 +229,10 @@ Use `wp help saml-auth <command>` to learn more about each command.
 
 See [CONTRIBUTING.md](https://github.com/pantheon-systems/wp-saml-auth/blob/master/CONTRIBUTING.md) for information on contributing.
 
+## Security Policy ##
+### Reporting Security Bugs
+Please report security bugs found in the WP SAML Auth plugin's source code through the [Patchstack Vulnerability Disclosure Program](https://patchstack.com/database/vdp/wp-saml-auth). The Patchstack team will assist you with verification, CVE assignment, and notify the developers of this plugin.
+
 ## Frequently Asked Questions ##
 
 ### Can I update an existing WordPress user's data when they log back in? ###

diff --git a/readme.txt b/readme.txt
@@ -266,6 +266,10 @@ Note: the declaration does need to be at the top of `_include.php`, to ensure Wo
 
 There is no third step. Because SimpleSAMLphp loads WordPress, which has WP Native PHP Sessions active, SimpleSAMLphp and WP SAML Auth will be able to communicate to one another on a multi web node environment.
 
+= Where do I report security bugs found in this plugin? =
+
+Please report security bugs found in the source code of the WP SAML Auth plugin through the [Patchstack Vulnerability Disclosure Program](https://patchstack.com/database/vdp/wp-saml-auth). The Patchstack team will assist you with verification, CVE assignment, and notify the developers of this plugin.
+
 == Upgrade Notice ==
 
 = 2.0.0 =