Security: trueqap/wpcli-for-wordfence

SECURITY.md

Security Policy

Supported Versions

Version Supported
1.x.x

Reporting a Vulnerability

If you discover a security vulnerability in this plugin, please report it responsibly:

  1. Do not open a public GitHub issue for security vulnerabilities
  2. Email the maintainer directly or use GitHub's private vulnerability reporting feature
  3. Include as much detail as possible:
    • Description of the vulnerability
    • Steps to reproduce
    • Potential impact
    • Suggested fix (if any)

Security Considerations

This plugin interacts with Wordfence Security and requires:

  • manage_options capability for all operations
  • Administrator access for WP-CLI commands
  • WordPress Application Passwords for REST API authentication

All database queries use prepared statements to prevent SQL injection.

Response Timeline

  • Initial response: Within 48 hours
  • Status update: Within 7 days
  • Fix timeline: Depends on severity, typically within 30 days for critical issues

There aren’t any published security advisories