Vulnerabilities > Patreon > Patreon Wordpress > 1.7.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-18 | CVE-2023-41129 | Unspecified vulnerability in Patreon Wordpress Cross-Site Request Forgery (CSRF) vulnerability in Patreon Patreon WordPress.This issue affects Patreon WordPress: from n/a through 1.8.6. | 8.8 |
| 2022-03-14 | CVE-2021-25026 | Unspecified vulnerability in Patreon Wordpress The Patreon WordPress plugin before 1.8.2 does not sanitise and escape the field "Custom Patreon Page name", which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed | 5.5 |
| 2021-04-12 | CVE-2021-24229 | Unspecified vulnerability in Patreon Wordpress The Jetpack Scan team identified a Reflected Cross-Site Scripting via the patreon_save_attachment_patreon_level AJAX action of the Patreon WordPress plugin before 1.7.2. | 9.6 |
| 2021-04-12 | CVE-2021-24228 | Unspecified vulnerability in Patreon Wordpress The Jetpack Scan team identified a Reflected Cross-Site Scripting in the Login Form of the Patreon WordPress plugin before 1.7.2. | 9.6 |