If you discover a security vulnerability in Awesome Cordova Plugins, please report it responsibly.

Do not open a public GitHub issue for security vulnerabilities.

Instead, please send an email to the maintainer or use GitHub's private vulnerability reporting.

• Description of the vulnerability
• Steps to reproduce
• Affected versions
• Potential impact

You can expect an initial response within 72 hours. We will work with you to understand the issue and coordinate a fix before any public disclosure.

This policy covers the @awesome-cordova-plugins/* TypeScript wrapper packages. For vulnerabilities in the underlying Cordova plugins themselves, please report to the respective plugin maintainers.

Only the latest major version receives security updates.