Email sales@smartertools.com I am sure they will get you to where you need to go to report the issue.

Thanks for the advise. I still wait for the official response today as I do not want to share this sensitive issues with the wrong audience. If get nothing by 4pm GMT, I will have no choice other than using the sales email. 

It would be great if a page or a knowledge base entry could be created to advise people how to report security issues.

Dude, every company has a support email address to fill out. Are you saying creating an account, writing in a public forum is easier than emailing? No response okay but it seems like yours words are more of a threat than trying to be helpful. Just saying.

Sorry you have miss-understood me. As I have said before, by 4pm I am going to send the info to their Sales email if there is no response. How is this a threat if that's how they work? I do not normally send the issue details to the sales department in the first place to decrease the exposure and to speed up the process (it is backfiring here atm though). 

I am just trying to responsibly disclose some issues to the relevant technical team, and I don't think a company should make this difficult to encourage security researchers to report responsibly. I have sent them a DM in their Twitter account but I haven't received any response yet. 

From what I have gathered so far, there is no support email unless I have missed it. There is a form you should use and that is only available to people with a valid license. I don't think it is fair to buy a license just for this purpose as I am basically contributing for free.

I agree on the form but stating "You must complete this task by X time" or I will expose you is a threat (in my mind). This is a community of people that believe in the product. Every product (I mean every product) has flaws. Contacting sales is not a bad thing. It's listed everywhere on the site. The management team actively watch these threads as well and you can even PM (private message) them. When I read what you wrote all I thought was all the bad in the world trying to come out and threaten. You could've even emailed sales (or any of their emails) and state "I believe I have found a security hole and would like to privately discuss it.". That would've been better.

Beyond that I do believe a security@smartertools.com would be a great addition (if it doesn't already exist).

Thanks for providing me with the email. I will be in touch shortly.