If you discover any security vulnerabilities on Mawexa, please contact us immediately.
We take all valid reports seriously and will work quickly to resolve any confirmed issues.

Before submitting a report, please review the following guidelines, including our core principles, bounty program requirements, and non-qualifying issues.

SECTION 1 – CORE PRINCIPLES

Mawexa will not pursue legal action against individuals who report vulnerabilities in accordance with the guidelines below.

We ask that you:

Allow Reasonable Time

  • Give us sufficient time to investigate and resolve the issue before disclosing it publicly.

Respect User Privacy

  • Do not access or attempt to retrieve personal data from other users without explicit permission.

Act in Good Faith

  • Do not cause harm, including service disruption, data destruction, or privacy violations.

Do Not Exploit the Vulnerability

  • Do not use the vulnerability to access sensitive data or increase risk.

Follow Applicable Laws

  • Ensure your actions comply with all relevant laws and regulations.

SECTION 2 – BOUNTY PROGRAM

Mawexa appreciates the efforts of ethical security researchers.
We may offer monetary rewards for valid and impactful vulnerability reports, based on severity, risk, and overall impact.

To qualify for a bounty, you must:

Comply with Core Principles

  • Follow all guidelines outlined in Section 1.

Report a Valid Security Issue

  • The vulnerability must present a real risk to our systems or users (not all reports qualify).

Submit Through Official Channels

  • Do not contact individual employees directly.

Report Responsibly

  • If you accidentally access data or disrupt services, report it immediately without further exploration.

SECTION 3 – NON-ELIGIBLE SUBMISSIONS

The following issues are not eligible for bounty rewards:

  • Spam, social engineering, or phishing unrelated to our systems
  • Missing SPF/DMARC records
  • Clickjacking on non-sensitive pages
  • Rate-limiting or brute-force issues without clear impact
  • Denial-of-Service (DoS) attacks
  • Issues requiring rooted or jailbroken devices
  • Reports involving outdated browsers or extensions

HOW TO SUBMIT A REPORT

To report a vulnerability, please follow these steps:

📧 Email: contact@mawexa.shop

When submitting your report, include as much detail as possible:

  • Clear reproduction steps
  • Potential impact of the issue
  • Screenshots or code snippets (if applicable)

CONTACT INFORMATION

📱 Phone: +1 (731) 2364754
Email: contact@mawexa.shop
📍 Address: 434 N Kilbourn Ave, Chicago, IL 60624, United States