To report a vulnerability, please report privately via security tab on the correct GitHub repository (see Document). If you are unable to report, please feel free to email us at [email protected].
All security vulnerabilities will be verified and resolved in a timely manner.
While it is rare for new vulnerabilities to be discovered, it is recommended to always use the latest version of the theme and other dependencies by maintaining locked files (yarn.lock, package-lock.json) to ensure that they are as secure as possible.