modified plugin OpenID Connect Generic version 3.10.0

wp-content/plugins/openid-connect-generic/SECURITY.md

@@ -0,0 +1,17 @@
+# Security Policy
+
+## Supported Versions
+
+We follow the [WordPress Core style of versioning](https://make.wordpress.org/core/handbook/about/release-cycle/version-numbering/) rather than traditional [SemVer](https://semver.org/). This means that a move from version 3.9 to 4.0 is no different from a move from version 3.8 to 3.9. When a **PATCH** version is released it represents a bug fix, or non-code, only change.
+
+The latest version released is the only version that will receive security updates, generally as a **PATCH** release unless a security issue requires a functionality change in which requires a minor/major version bump.
+
+## Reporting a Vulnerability
+
+For security reasons, the following are acceptable options for reporting all security issues.
+
+1. Via Keybase secure message to [timnolte](https://keybase.io/timnolte/chat) or [daggerhart](https://keybase.io/daggerhart/chat).
+2. Send a DM via the [WordPress Slack](https://make.wordpress.org/chat/) to `tnolte`.
+3. Via a private [security advisory](https://github.com/oidc-wp/openid-connect-generic/security/advisories) notice.
+
+Please disclose responsibly and not via public GitHub Issues (which allows for exploiting issues in the wild before the patch is released).