Vulnerabilities > Patreon > Patreon Wordpress > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-04-12 CVE-2021-24228 Cross-site Scripting vulnerability in Patreon Wordpress
The Jetpack Scan team identified a Reflected Cross-Site Scripting in the Login Form of the Patreon WordPress plugin before 1.7.2.
network
low complexity
patreon CWE-79
critical
 9.6
9.6
2021-04-12 CVE-2021-24229 Cross-site Scripting vulnerability in Patreon Wordpress
The Jetpack Scan team identified a Reflected Cross-Site Scripting via the patreon_save_attachment_patreon_level AJAX action of the Patreon WordPress plugin before 1.7.2.
network
low complexity
patreon CWE-79
critical
 9.6
9.6
2019-08-22 CVE-2018-20984 Deserialization of Untrusted Data vulnerability in Patreon Wordpress
The patreon-connect plugin before 1.2.2 for WordPress has Object Injection.
network
low complexity
patreon CWE-502
critical
 9.8
9.8