Please use the form located at Security > Report a vulnerability.
See Privately reporting a security vulnerability for detailed instructions.

I aim to respond to reported security vulnerabilities within 72h. However this is an open source project with a single maintainer and life can get in the way.

Please refer to VERSIONS.md for a complete list of currently supported versions and the support schedule.