While WXT is in prerelease, only the latest version will receive security updates. The latest version is:

If you discover a security vulnerability, please email me at aaronklinker1@gmail.com. I will respond within a few days to acknowledge receipt of your report.

If the vulnerability is accepted, I will open a public issue to track the fix. If the vulnerability is not accepted, no further action will be taken.