CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-37430 – WordPress Patreon WordPress plugin <= 1.9.0 - Image Protection Bypass vulnerability
https://notcve.org/view.php?id=CVE-2024-37430
Authentication Bypass by Spoofing vulnerability in Patreon Patreon WordPress allows Functionality Misuse.This issue affects Patreon WordPress: from n/a through 1.9.0. Vulnerabilidad de omisión de autenticación mediante suplantación de identidad en Patreon Patreon WordPress permite el uso indebido de la funcionalidad. Este problema afecta a Patreon WordPress: desde n/a hasta 1.9.0. The Patreon WordPress plugin for WordPress is vulnerable to protection mechanism bypass in all versions up to, and including, 1.9.0. This is due to plugin allowing a bypass when a specific header was supplied. • https://patchstack.com/database/vulnerability/patreon-connect/wordpress-patreon-wordpress-plugin-1-9-0-image-protection-bypass-vulnerability?_s_id=cve • CWE-290: Authentication Bypass by Spoofing CWE-693: Protection Mechanism Failure •