CVE-2021-24231

CVE-2021-24231: Patreon WordPress < 1.7.0 - CSRF to Disconnect Sites From Patreon

Vendor Unknown
Product Patreon WordPress
Weakness CWE-352 · CSRF
Published April 12, 2021
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

The Jetpack Scan team identified a Cross-Site Request Forgery vulnerability in the Patreon WordPress plugin before 1.7.0, allowing attackers to make a logged administrator disconnect the site from Patreon by visiting a specially crafted link.

Key dates

02Disclosure timeline

April 12, 2021 CVE published
August 3, 2024 Record updated