High severity7.5NVD Advisory· Published Apr 12, 2021· Updated Jun 17, 2026
CVE-2021-24227
CVE-2021-24227
Description
The Jetpack Scan team identified a Local File Disclosure vulnerability in the Patreon WordPress plugin before 1.7.0 that could be abused by anyone visiting the site. Using this attack vector, an attacker could leak important internal files like wp-config.php, which contains database credentials and cryptographic keys used in the generation of nonces and cookies.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <1.7.0
- Range: 1.7.0
Patches
Vulnerability mechanics
References
2- jetpack.com/2021/03/26/vulnerabilities-found-in-patreon-wordpress-plugin/nvdExploitThird Party Advisory
- wpscan.com/vulnerability/f62df02d-7678-440f-84a1-ddbf09364016nvdThird Party Advisory
News mentions
0No linked articles in our index yet.