Browse all 3 CVE security advisories affecting Patreon. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Patreon enables creators to monetize content through subscription-based funding, processing payments and managing exclusive content for patrons. Historically, the platform has faced vulnerabilities including cross-site scripting (XSS), remote code execution (RCE), and privilege escalation flaws, often related to improper input validation and access controls. Notable security characteristics include handling sensitive financial data and user-generated content, with past incidents including a 2017 breach exposing user and creator data. The platform maintains three CVE records, reflecting ongoing security challenges in balancing functionality with robust protection for its payment processing and content distribution systems.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-24588 | WordPress Patreon WordPress plugin <= 1.9.1 - Broken Access Control vulnerability — Patreon WordPress, CWE-862 | 6.5 | Medium | 2025-01-24 |
| CVE-2024-37430 | WordPress Patreon WordPress plugin <= 1.9.0 - Image Protection Bypass vulnerability — Patreon WordPress, CWE-290 | 5.3 | Medium | 2024-07-09 |
| CVE-2023-41129 | WordPress Patreon WordPress Plugin <= 1.8.6 is vulnerable to Cross Site Request Forgery (CSRF) — Patreon WordPress, CWE-352 | 4.3 | Medium | 2023-11-18 |

This page lists every published CVE security advisory associated with Patreon. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.