Submit a security report

Discovered a security vulnerability in the Jumplead application? Please don't share it publicly.

We encourage and reward contributions by developers and security researchers who help make Jumplead more secure. We provide rewards and/or public recognition for security vulnerabilities that are responsibly disclosed to us.

We will determine on a quarterly basis which bugs are considered as candidates for reward, as well as the final reward recipients.

Only original, previously unreported bugs will be qualified for credit. In the event of a duplicate submission, only the earliest received report is considered. Bugs are limited to currently supported browser versions and must be reproducible.

Please include the exact input data and the operation used and please do not run automated scans with applications, if we see submissions from anyone we've found to scan the system, this will be considered a DDoS attack and will be marked invalid.

Please note, when researching for a vulnerability, only use accounts you own. Do not attempt to use another user's account. We reserve the right to turn down any report we find invalid and revise or cancel the program at any time.

All research must not violate any law, or disrupt or compromise any data that is not your own.

Your Rules:

Don’t attempt to gain access to another user’s account or data.

Don’t perform any attack that could harm the reliability/integrity of our services or data. DDoS/spam attacks are not allowed.

Don’t publicly disclose a bug before it has been fixed.

Do not impact other users with your testing.

Don’t use scanners or automated tools to find vulnerabilities.

Never attempt non-technical attacks such as social engineering, phishing, or physical attacks against our employees, users, or infrastructure.

When in doubt, contact us.

Our Rules:

We will respond as quickly as possible to your submission.

We will keep you updated as we work to fix the bug you submitted.

We will not take legal action against you if you play by the rules.

Hall of fame

We're so grateful to all those who have reported vulnerabilities. To the following people, thanks for doing your part to keep Jumplead safe!


Combine lead forms and pages, email marketing automation and live chat to jumpstart your marketing and sales.

Jumplead Manager

Create and manage multiple Jumplead accounts, control billing and users, add and remove customer accounts as you go.

Jumplead Developer

Access Jumplead via our API to integrate Jumplead's marketing capability with your existing systems, or build new apps.