CVE-2018-20984
CRITICALPatreon Wordpress < 1.2.2 - Insecure Deserialization
Title source: ruleDescription
The patreon-connect plugin before 1.2.2 for WordPress has Object Injection.
Scores
CVSS v3
9.8
EPSS
0.0080
EPSS Percentile
73.7%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Classification
CWE
CWE-502
Status
published
Affected Products (1)
patreon/patreon_wordpress
< 1.2.2
Timeline
Published
Aug 22, 2019
Tracked Since
Feb 18, 2026