CVE-2021-24229 — CVSS 9.6 (critical): The Jetpack Scan team identified a Reflected Cross-Site Scripting via the patreon_save_attachment_patreon_level AJAX action of the Patreon…
CVE-2021-24228 — CVSS 9.6 (critical): The Jetpack Scan team identified a Reflected Cross-Site Scripting in the Login Form of the Patreon WordPress plugin before 1.7.2. The…
CVE-2021-24230 — CVSS 8.1 (high): The Jetpack Scan team identified a Cross-Site Request Forgery vulnerability in the Patreon WordPress plugin before 1.7.0, allowing…
CVE-2021-24227 — CVSS 7.5 (high): The Jetpack Scan team identified a Local File Disclosure vulnerability in the Patreon WordPress plugin before 1.7.0 that could be abused by…
CVE-2021-24231 — CVSS 6.5 (medium): The Jetpack Scan team identified a Cross-Site Request Forgery vulnerability in the Patreon WordPress plugin before 1.7.0, allowing…
CVE-2021-25026 — CVSS 5.5 (medium): The Patreon WordPress plugin before 1.8.2 does not sanitise and escape the field "Custom Patreon Page name", which could allow high…
CVE-2023-41129 — CVSS 4.3 (medium): Cross-Site Request Forgery (CSRF) vulnerability in Patreon Patreon WordPress.This issue affects Patreon WordPress: from n/a through 1.8.6.