Vulnerability Disclosure Program (VDP)
VDPs are meant for responsibly reporting vulnerabilities you encounter — not for actively hunting for fame or reputation. Even if you're just starting out, consider focusing on rewarded bug bounty programs instead.
expediagroup
35
In Scope
5
Out of Scope
In-Scope Assets (35)
| Asset | Category | Bounty | Quick Links | |
|---|---|---|---|---|
| *.abritel.fr | WILDCARD | No | ||
| *.bookabach.co.nz | WILDCARD | No | ||
| *.carrentals.com | WILDCARD | No | ||
| *.cheaptickets.com | WILDCARD | No | ||
| *.cruiseshipcenters.com | WILDCARD | No | ||
| *.ean.com | WILDCARD | No | ||
| *.ebookers.com | WILDCARD | No | ||
| *.expedia.com | WILDCARD | No | ||
| *.expediagroup.com | WILDCARD | No | ||
| *.expediapartnercentral.com | WILDCARD | No | ||
| *.expediapartnersolutions.com | WILDCARD | No | ||
| *.fewo-direkt.de | WILDCARD | No | ||
| *.flights.com | WILDCARD | No | ||
| *.homeaway.com | WILDCARD | No | ||
| *.hotels.com | WILDCARD | No | ||
| *.hotwire.com | WILDCARD | No | ||
| *.hotwirepartnercentral.com | WILDCARD | No | ||
| *.lastminute.co.nz | WILDCARD | No | ||
| *.lastminute.com.au | WILDCARD | No | ||
| *.mrjet.se | WILDCARD | No | ||
| *.orbitz.com | WILDCARD | No | ||
| *.stayz.com.au | WILDCARD | No | ||
| *.travelocity.ca | WILDCARD | No | ||
| *.travelocity.com | WILDCARD | No | ||
| *.vrbo.com | WILDCARD | No | ||
| *.wotif.com | WILDCARD | No | ||
| 987675995 | IOS | No | - | |
| Other Expedia-owned Asset | OTHER | No | - | |
| china.airasiago.com | URL | No | ||
| com.expediapartnercentral | ANDROID | No | ||
| http://www.cruiseshipcenters.com/api/searchcenter | URL | No | ||
| thailand.airasiago.com | URL | No | ||
| www.ebookers.fi | URL | No | ||
| www.expedia-aarp.com | URL | No | ||
| www.vrbo.com | URL | No |
Out-of-Scope Assets (5)
| Asset | Category | Bounty | |
|---|---|---|---|
| *.egadvertising.com | WILDCARD | No | |
| *.expediaagents.com | WILDCARD | No | |
| *.expediacruises.com | WILDCARD | No | |
| *.hoteis.com | WILDCARD | No | |
| *.hoteles.com | WILDCARD | No |
Scope Changes (120)
Feb 25, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Added | *.wotif.com | WILDCARD | In Scope | 19:11 |
| Added | *.cruiseshipcenters.com | WILDCARD | In Scope | 19:11 |
| Added | *.carrentals.com | WILDCARD | In Scope | 19:11 |
| Added | thailand.airasiago.com | URL | In Scope | 19:11 |
| Added | *.hoteis.com | WILDCARD | Out of Scope | 19:11 |
| Added | *.homeaway.com | WILDCARD | In Scope | 19:11 |
| Added | *.expediapartnercentral.com | WILDCARD | In Scope | 19:11 |
| Added | *.bookabach.co.nz | WILDCARD | In Scope | 19:11 |
| Added | *.vrbo.com | WILDCARD | In Scope | 19:11 |
| Added | *.travelocity.ca | WILDCARD | In Scope | 19:11 |
| Added | *.orbitz.com | WILDCARD | In Scope | 19:11 |
| Added | *.hotels.com | WILDCARD | In Scope | 19:11 |
| Added | *.fewo-direkt.de | WILDCARD | In Scope | 19:11 |
| Added | *.stayz.com.au | WILDCARD | In Scope | 19:11 |
| Added | *.flights.com | WILDCARD | In Scope | 19:11 |
| Added | *.ean.com | WILDCARD | In Scope | 19:11 |
| Added | *.lastminute.co.nz | WILDCARD | Out of Scope | 19:11 |
| Added | http://www.cruiseshipcenters.com/api/searchcenter | URL | In Scope | 19:11 |
| Added | *.expedia.com | WILDCARD | In Scope | 19:11 |
| Added | *.cheaptickets.com | WILDCARD | In Scope | 19:11 |
| Added | *.lastminute.com.au | WILDCARD | Out of Scope | 19:11 |
| Added | *.expediapartnersolutions.com | WILDCARD | In Scope | 19:11 |
| Added | china.airasiago.com | URL | In Scope | 19:11 |
| Added | other expedia-owned asset | OTHER | In Scope | 19:11 |
| Added | com.expediapartnercentral | ANDROID | In Scope | 19:11 |
| Added | 987675995 | IOS | In Scope | 19:11 |
| Added | *.hotwire.com | WILDCARD | In Scope | 19:11 |
| Added | *.abritel.fr | WILDCARD | In Scope | 19:11 |
| Added | *.ebookers.com | WILDCARD | In Scope | 19:11 |
| Added | *.egadvertising.com | WILDCARD | Out of Scope | 19:11 |
| Added | *.expediaagents.com | WILDCARD | Out of Scope | 19:11 |
| Added | *.expediacruises.com | WILDCARD | Out of Scope | 19:11 |
| Added | *.expediagroup.com | WILDCARD | In Scope | 19:11 |
| Added | *.hotwirepartnercentral.com | WILDCARD | In Scope | 19:11 |
| Added | *.mrjet.se | WILDCARD | In Scope | 19:11 |
| Added | www.vrbo.com | URL | In Scope | 19:11 |
| Added | www.expedia-aarp.com | URL | In Scope | 19:11 |
| Added | *.hoteles.com | WILDCARD | Out of Scope | 19:11 |
| Added | *.travelocity.com | WILDCARD | In Scope | 19:11 |
| Added | www.ebookers.fi | URL | In Scope | 19:11 |
Feb 22, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Added | *.expediacruises.com | WILDCARD | Out of Scope | 00:42 |
| Added | *.ebookers.com | WILDCARD | In Scope | 00:42 |
| Added | *.travelocity.com | WILDCARD | In Scope | 00:42 |
| Added | *.cruiseshipcenters.com | WILDCARD | In Scope | 00:42 |
| Added | *.fewo-direkt.de | WILDCARD | In Scope | 00:42 |
| Added | other expedia-owned asset | OTHER | In Scope | 00:42 |
| Added | *.expedia.com | WILDCARD | In Scope | 00:42 |
| Added | *.hotwire.com | WILDCARD | In Scope | 00:42 |
| Added | *.cheaptickets.com | WILDCARD | In Scope | 00:42 |
| Added | *.wotif.com | WILDCARD | In Scope | 00:42 |
| Added | *.expediapartnercentral.com | WILDCARD | In Scope | 00:42 |
| Added | *.bookabach.co.nz | WILDCARD | In Scope | 00:42 |
| Added | china.airasiago.com | URL | In Scope | 00:42 |
| Added | *.homeaway.com | WILDCARD | In Scope | 00:42 |
| Added | *.mrjet.se | WILDCARD | In Scope | 00:42 |
| Added | 987675995 | IOS | In Scope | 00:42 |
| Added | *.orbitz.com | WILDCARD | In Scope | 00:42 |
| Added | *.ean.com | WILDCARD | In Scope | 00:42 |
| Added | *.lastminute.co.nz | WILDCARD | Out of Scope | 00:42 |
| Added | http://www.cruiseshipcenters.com/api/searchcenter | URL | In Scope | 00:42 |
| Added | *.hoteis.com | WILDCARD | Out of Scope | 00:42 |
| Added | *.abritel.fr | WILDCARD | In Scope | 00:42 |
| Added | www.vrbo.com | URL | In Scope | 00:42 |
| Added | com.expediapartnercentral | ANDROID | In Scope | 00:42 |
| Added | *.egadvertising.com | WILDCARD | Out of Scope | 00:42 |
| Added | *.travelocity.ca | WILDCARD | In Scope | 00:42 |
| Added | thailand.airasiago.com | URL | In Scope | 00:42 |
| Added | *.hotels.com | WILDCARD | In Scope | 00:42 |
| Added | *.stayz.com.au | WILDCARD | In Scope | 00:42 |
| Added | *.vrbo.com | WILDCARD | In Scope | 00:42 |
| Added | *.expediaagents.com | WILDCARD | Out of Scope | 00:42 |
| Added | *.lastminute.com.au | WILDCARD | Out of Scope | 00:42 |
| Added | *.expediagroup.com | WILDCARD | In Scope | 00:42 |
| Added | *.flights.com | WILDCARD | In Scope | 00:42 |
| Added | *.expediapartnersolutions.com | WILDCARD | In Scope | 00:42 |
| Added | *.carrentals.com | WILDCARD | In Scope | 00:42 |
| Added | *.hotwirepartnercentral.com | WILDCARD | In Scope | 00:42 |
| Added | www.ebookers.fi | URL | In Scope | 00:42 |
| Added | www.expedia-aarp.com | URL | In Scope | 00:42 |
| Added | *.hoteles.com | WILDCARD | Out of Scope | 00:42 |
Feb 21, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Added | *.expedia.com | WILDCARD | In Scope | 19:11 |
| Added | *.hotwire.com | WILDCARD | In Scope | 19:11 |
| Added | *.orbitz.com | WILDCARD | In Scope | 19:11 |
| Added | *.hotels.com | WILDCARD | In Scope | 19:11 |
| Added | *.homeaway.com | WILDCARD | In Scope | 19:11 |
| Added | *.cheaptickets.com | WILDCARD | In Scope | 19:11 |
| Added | *.travelocity.com | WILDCARD | In Scope | 19:11 |
| Added | *.wotif.com | WILDCARD | In Scope | 19:11 |
| Added | *.cruiseshipcenters.com | WILDCARD | In Scope | 19:11 |
| Added | *.lastminute.com.au | WILDCARD | In Scope | 19:11 |
| Added | *.carrentals.com | WILDCARD | In Scope | 19:11 |
| Added | *.expediapartnercentral.com | WILDCARD | In Scope | 19:11 |
| Added | *.abritel.fr | WILDCARD | In Scope | 19:11 |
| Added | *.bookabach.co.nz | WILDCARD | In Scope | 19:11 |
| Added | *.fewo-direkt.de | WILDCARD | In Scope | 19:11 |
| Added | *.stayz.com.au | WILDCARD | In Scope | 19:11 |
| Added | *.expediagroup.com | WILDCARD | In Scope | 19:11 |
| Added | *.flights.com | WILDCARD | In Scope | 19:11 |
| Added | *.vrbo.com | WILDCARD | In Scope | 19:11 |
| Added | *.hotwirepartnercentral.com | WILDCARD | In Scope | 19:11 |
| Added | *.ebookers.com | WILDCARD | In Scope | 19:11 |
| Added | *.mrjet.se | WILDCARD | In Scope | 19:11 |
| Added | *.expediapartnersolutions.com | WILDCARD | In Scope | 19:11 |
| Added | *.ean.com | WILDCARD | In Scope | 19:11 |
| Added | *.lastminute.co.nz | WILDCARD | In Scope | 19:11 |
| Added | *.travelocity.ca | WILDCARD | In Scope | 19:11 |
| Added | china.airasiago.com | URL | In Scope | 19:11 |
| Added | thailand.airasiago.com | URL | In Scope | 19:11 |
| Added | http://www.cruiseshipcenters.com/api/searchcenter | URL | In Scope | 19:11 |
| Added | other expedia-owned asset | OTHER | In Scope | 19:11 |
| Added | www.vrbo.com | URL | In Scope | 19:11 |
| Added | com.expediapartnercentral | ANDROID | In Scope | 19:11 |
| Added | 987675995 | IOS | In Scope | 19:11 |
| Added | www.ebookers.fi | URL | In Scope | 19:11 |
| Added | www.expedia-aarp.com | URL | In Scope | 19:11 |
| Added | *.egadvertising.com | WILDCARD | Out of Scope | 19:11 |
| Added | *.hoteles.com | WILDCARD | Out of Scope | 19:11 |
| Added | *.hoteis.com | WILDCARD | Out of Scope | 19:11 |
| Added | *.expediaagents.com | WILDCARD | Out of Scope | 19:11 |
| Added | *.expediacruises.com | WILDCARD | Out of Scope | 19:11 |