Vulnerability Disclosure Program (VDP)

VDPs are meant for responsibly reporting vulnerabilities you encounter — not for actively hunting for fame or reputation. Even if you're just starting out, consider focusing on rewarded bug bounty programs instead.

paystack-vdp

HackerOneView on HackerOne
RawAI Enhanced
14
In Scope
0
Out of Scope
In-Scope Assets (14)
AssetCategoryBountyQuick Links
*.paystack.comWILDCARDNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
*.paystackintegrations.comURLNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
Assets which are owned by Paystack are in scope for this Vulnerability Disclosure ProgramOTHERNo-
api.paystack.coURLNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
checkout.paystack.comURLNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
com.paystack.zapANDROIDNo
Play StoreAPKPureAPKMirror
dashboard.paystack.comURLNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
decodefintech.comURLNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
nigerialogos.comURLNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
paystack.shopURLNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
paystackintegrations.comURLNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
paystackmfb.comURLNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
standard.paystack.coURLNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
zap.moneyURLNo
crt.shGoogleShodanSecurityTrailsWaybackDNSdumpsterVirusTotalAlienVault OTXGitHubFofa
Scope Changes (42)
Feb 25, 2026
ChangeAssetCategoryScopeTime
Addedcheckout.paystack.comURLIn Scope20:23
Addedapi.paystack.coURLIn Scope20:23
Addeddashboard.paystack.comURLIn Scope20:23
Addedzap.moneyURLIn Scope20:23
Addedpaystackintegrations.comURLIn Scope20:23
Addedpaystackmfb.comURLIn Scope20:23
Addedstandard.paystack.coURLIn Scope20:23
Addedpaystack.shopURLIn Scope20:23
Addednigerialogos.comURLIn Scope20:23
Addeddecodefintech.comURLIn Scope20:23
Added*.paystack.comWILDCARDIn Scope19:13
Addedassets which are owned by paystack are in scope for this vulnerability disclosure programOTHERIn Scope19:13
Addedcom.paystack.zapANDROIDIn Scope19:13
Added*.paystackintegrations.comWILDCARDIn Scope19:13
Feb 22, 2026
ChangeAssetCategoryScopeTime
Addedpaystackintegrations.comURLIn Scope00:59
Addedpaystackmfb.comURLIn Scope00:59
Addeddashboard.paystack.comURLIn Scope00:59
Addedstandard.paystack.coURLIn Scope00:59
Addedpaystack.shopURLIn Scope00:59
Addednigerialogos.comURLIn Scope00:59
Addeddecodefintech.comURLIn Scope00:59
Addedcheckout.paystack.comURLIn Scope00:59
Addedapi.paystack.coURLIn Scope00:59
Addedzap.moneyURLIn Scope00:59
Addedassets which are owned by paystack are in scope for this vulnerability disclosure programOTHERIn Scope00:43
Addedcom.paystack.zapANDROIDIn Scope00:43
Added*.paystack.comWILDCARDIn Scope00:43
Added*.paystackintegrations.comWILDCARDIn Scope00:43
Feb 21, 2026
ChangeAssetCategoryScopeTime
Addedcom.paystack.zapANDROIDIn Scope19:12
Added*.paystackintegrations.comURLIn Scope19:12
Addednigerialogos.comURLIn Scope19:12
Addeddecodefintech.comURLIn Scope19:12
Addedcheckout.paystack.comURLIn Scope19:12
Addedapi.paystack.coURLIn Scope19:12
Addeddashboard.paystack.comURLIn Scope19:12
Added*.paystack.comWILDCARDIn Scope19:12
Addedstandard.paystack.coURLIn Scope19:12
Addedassets which are owned by paystack are in scope for this vulnerability disclosure programOTHERIn Scope19:12
Addedzap.moneyURLIn Scope19:12
Addedpaystackintegrations.comURLIn Scope19:12
Addedpaystackmfb.comURLIn Scope19:12
Addedpaystack.shopURLIn Scope19:12