WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

Patreon WordPress

2022-02-21
Patreon WordPress < 1.8.2 - Admin+ Stored Cross-Site Scripting
Fixed in version 1.8.2
2021-03-26
Patreon WordPress < 1.7.0 - Unauthenticated Local File Disclosure
Fixed in version 1.7.0
2021-03-26
Patreon WordPress < 1.7.0 - CSRF to Overwrite/Create User Meta
Fixed in version 1.7.0
2021-03-26
Patreon WordPress < 1.7.0 - CSRF to Disconnect Sites From Patreon
Fixed in version 1.7.0
2021-03-26
Patreon WordPress < 1.7.2 - Reflected XSS on Login Form
Fixed in version 1.7.2
2021-03-26
Patreon WordPress < 1.7.2 - Reflected XSS on patreon_save_attachment_patreon_level AJAX action
Fixed in version 1.7.2
2018-11-23
Patreon Connect < 1.2.2 - PHP Object Injection
Fixed in version 1.2.2