Patreon WordPress <1.7.0 - Unauthenticated Local File Inclusion

Patreon WordPress before version 1.7.0 is vulnerable to unauthenticated local file inclusion that could be abused by anyone visiting the site. Exploitation by an attacker could leak important internal files like wp-config.php, which contains database credentials and cryptographic keys used in the...

EUVD-2018-13520

Malware in sbrugna...

CVE-2018-20984

The patreon-connect plugin before 1.2.2 for WordPress has Object Injection...

WordPress patreon-connect plugin injection vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. An injection vulnerability exists in the WordPress patreon-connect plugin. Detailed vulnerability details are...

CVE-2018-20984

The patreon-connect plugin before 1.2.2 for WordPress has Object Injection...

Design/Logic Flaw

The patreon-connect plugin before 1.2.2 for WordPress has Object Injection...

CVE-2018-20984

The vulnerability CVE-2018-20984 affects the Patreon Connect WordPress plugin prior to version 1.2.2, where a PHP Object Injection weakness has been reported. Multiple sources (NVD entry and Red Hat CVE page) corroborate the issue as an object-injection flaw in the Patreon Connect plugin for Word...

CVE-2018-20984

The patreon-connect plugin before 1.2.2 for WordPress has Object Injection...

Patreon Connect < 1.2.2 - PHP Object Injection

The Patreon WordPress WordPress plugin was affected by a PHP Object Injection security vulnerability...