Lucene search

CVE-2021-24229

🗓️ 12 Apr 2021 14:16:15Reported by WPScanType

The Patreon WordPress plugin before 1.7.2 allows Reflected Cross-Site Scripting via patreon_save_attachment_patreon_level AJAX action

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 6
Patchstack	WordPress Patreon WordPress plugin <= 1.7.1 - Reflected Cross-Site Scripting (XSS) vulnerability	26 Mar 202100:00	–	patchstack
Prion	Cross site scripting	12 Apr 202114:15	–	prion
WPVulnDB	Patreon WordPress < 1.7.2 - Reflected XSS on patreon_save_attachment_patreon_level AJAX action	26 Mar 202100:00	–	wpvulndb
NVD	CVE-2021-24229	12 Apr 202114:15	–	nvd
Cvelist	CVE-2021-24229 Patreon WordPress < 1.7.2 - Reflected XSS on patreon_save_attachment_patreon_level AJAX action	12 Apr 202114:05	–	cvelist
CNVD	Patreon WordPress Cross-Site Scripting Vulnerability (CNVD-2021-28760)	13 Apr 202100:00	–	cnvd

Nvd

Vulners

Node

patreon patreon_wordpressRange<1.7.2wordpress

[
  {
    "product": "Patreon WordPress",
    "vendor": "Unknown",
    "versions": [
      {
        "lessThan": "1.7.2",
        "status": "affected",
        "version": "1.7.2",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
wpscan	www.wpscan.com/vulnerability/001755c4-add3-4566-a022-ab1f83546c1f
jetpack	www.jetpack.com/2021/03/26/vulnerabilities-found-in-patreon-wordpress-plugin/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

12 Apr 2021 14:15Current

8.7High risk

Vulners AI Score8.7

CVSS26.8

CVSS39.6

EPSS0.00635

CWE-79