Patreon Patreon_wordpress
8 CVEs affecting Patreon Patreon_wordpress. Latest disclosed: 2023-11-18. Critical: 3, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2018-20984 | Critical | 9.8 | 2019-08-22 | The patreon-connect plugin before 1.2.2 for WordPress has Object Injection. |
CVE-2021-24229 | Critical | 9.6 | 2021-04-12 | The Jetpack Scan team identified a Reflected Cross-Site Scripting via the patreon_save_attachment_patreon_level AJAX action of the Patreon WordPress plugin bef… |
CVE-2021-24228 | Critical | 9.6 | 2021-04-12 | The Jetpack Scan team identified a Reflected Cross-Site Scripting in the Login Form of the Patreon WordPress plugin before 1.7.2. The WordPress login form (wp-… |
CVE-2021-24230 | High | 8.1 | 2021-04-12 | The Jetpack Scan team identified a Cross-Site Request Forgery vulnerability in the Patreon WordPress plugin before 1.7.0, allowing attackers to make a logged i… |
CVE-2021-24227 | High | 7.5 | 2021-04-12 | The Jetpack Scan team identified a Local File Disclosure vulnerability in the Patreon WordPress plugin before 1.7.0 that could be abused by anyone visiting the… |
CVE-2021-24231 | Medium | 6.5 | 2021-04-12 | The Jetpack Scan team identified a Cross-Site Request Forgery vulnerability in the Patreon WordPress plugin before 1.7.0, allowing attackers to make a logged a… |
CVE-2021-25026 | Medium | 5.5 | 2022-03-14 | The Patreon WordPress plugin before 1.8.2 does not sanitise and escape the field "Custom Patreon Page name", which could allow high privilege users to perform… |
CVE-2023-41129 | Medium | 4.3 | 2023-11-18 | Cross-Site Request Forgery (CSRF) vulnerability in Patreon Patreon WordPress.This issue affects Patreon WordPress: from n/a through 1.8.6. |