Security fixes are currently considered for the latest public release only.

Please do not report vulnerabilities in public GitHub issues.

Send a private report to the project maintainer with:

• A concise description of the issue.
• Steps to reproduce.
• The affected version or commit.
• Any relevant logs or screenshots with API keys and private content redacted.

If you are unsure where to send the report, use the contact form at https://frontrowsales.com and include "WP Auto-Feature Gen security" in the subject.

See docs/security.md for implementation notes about nonces, capability checks, stored API keys, the unauthenticated Kie.ai callback endpoint, and debug logging.