Skip to Content

How to report a security issue found on Wattpad

The Wattpad team works very hard to ensure that Wattpad is a secure environment where your account information is safe. However, if in the off chance you find a issue on Wattpad that could put the personal information and integrity of Wattpad and its users at risk, here's how you can report it to us.

What's considered a security issue

A security issue would be defined as a flaw in the technical (i.e. the coding of Wattpad) implementation or design of Wattpad, that would allow someone to affect the security of Wattpad users.

Some example issues would be vulnerabilities that allow for:

  • Cross Site Scripting (XSS)
  • Cross Site Request Forgery (CSRF)
  • Remote Code Execution (RCE)
  • Unauthorized Access to Private Information
  • Performing Actions as Another User
  • Performing Actions to Stories with an Unauthenticated Account
  • Bypassing API limits
  • Downloading of Wattpad stories outside of the official Wattpad apps

Where would a security issue be found

Please report security issues that can be exploited through the following methods of accessing Wattpad:

  • Wattpad Android app
  • Wattpad iOS app
  • Wattpad desktop website
  • Wattpad mobile website

Reporting a security issue

Reporting a security issue is done in the same way one would report a bug in Wattpad, save for some extra details that are required.

When reporting a security issue, include the following details:

  • Your name
  • Any organizations that you are associated with, along with your position (e.g. a penetration tester at a cyber security organization)
  • How you came upon this security issue
  • Detailed steps to reproduce the security issue
  • Screenshots of the security issue occurring

To send a report, please send an email to security@wattpad.com to initiate the reporting process. 

Was this article helpful?
20 out of 31 found this helpful

Comments

Article is closed for comments.