Posted by Scott Arciszewski on Apr 27

The author added a note on his page: http://klikki.fi/adv/wordpress2.html

Also, searching HackerOne does not reveal a public WordPress program, only
WP-API. Does this mean that WordPress was privately participating in
HackerOne for select hackers? If so, revealing that publicly is kind of
rude. 🙁