Unrated severityNVD Advisory· Published Apr 12, 2021· Updated Aug 3, 2024

Patreon WordPress < 1.7.0 - CSRF to Disconnect Sites From Patreon

CVE-2021-24231

Description

The Jetpack Scan team identified a Cross-Site Request Forgery vulnerability in the Patreon WordPress plugin before 1.7.0, allowing attackers to make a logged administrator disconnect the site from Patreon by visiting a specially crafted link.

Affected products

Unknown/Patreon Wordpressv5
Range: 1.7.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

jetpack.com/2021/03/26/vulnerabilities-found-in-patreon-wordpress-plugin/mitrex_refsource_MISC
wpscan.com/vulnerability/f8ab6855-a319-47ac-82fb-58b181e77500mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000