VYPR

Patreon WordPress

by WordPress

CVEs (2)

  • CVE-2021-25026MedMar 14, 2022
    risk 0.36cvss 5.5epss 0.01

    The Patreon WordPress plugin before 1.8.2 does not sanitise and escape the field "Custom Patreon Page name", which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed

  • CVE-2023-41129MedNov 18, 2023
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in Patreon Patreon WordPress.This issue affects Patreon WordPress: from n/a through 1.8.6.