Compared to other bug bounties it isn't bad at all. Airline miles are generally valued at around a penny a mile, so $500 for XSS, $2500 for an auth bypass, $10000 for code exec isn't all that bad.