I've come across an entire category of security vulnerabilities

There are a lot of sites affected. What bug bounty programs would you recommend? Or how do I disclose something when it's not just specific to a single piece of software or website? There are a lot of things that are vulnerable to this. I am being vague on purpose.

Don't tell anyone and keep it to yourself. This is assuming you actually have something of value and not just "if the user is an idiot we can get him/her to do X."

"Those who give up freedom for security deserve neither."