Thanks for taking the time to engage with the project! We believe in the concept of coordinated disclosure and currently expect a 60 day grace period for resolution of any outstanding issues.
Please log a security-template issue on Github and directly contact one of the core team members via email:
We will endeavour to respond to your request as soon as possible, no bounties are available, but acknowledgement will be made if you like.