The security of Discourse plugins are premised on the security of Discourse. Please first consider whether a security issue is best reported and handled by the Discourse team. You can view the Discourse security policy here.

If you find a security vulnerability that is specific to this plugin, please report it to development@pavilion.tech. Security issues always take precedence over all other work. All commits specific to security are prefixed with SECURITY.