We have just released a critical security fix for the discourse-patreon plugin. If you use this plugin, please make sure to update as soon as possible.
If you are hosted by us at discourse.org, the fix has already been applied to your site and there’s nothing you need to do.
More details on the issue can be found in the security advisory (CVE-2022-39355)