GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
31 advisories
AVideo: CSRF on Plugin Enable/Disable Endpoint Allows Disabling Security Plugins
Moderate
CVE-2026-34613
was published
for
wwbn/avideo
(Composer)
Apr 1, 2026
AVideo: CSRF on emailAllUsers.json.php Enables Mass Phishing Email to All Users
Moderate
CVE-2026-34611
was published
for
wwbn/avideo
(Composer)
Apr 1, 2026
AVideo has Stored XSS via Unescaped Plugin Configuration Values in Admin Panel
Moderate
CVE-2026-34396
was published
for
wwbn/avideo
(Composer)
Mar 31, 2026
AVideo vulnerable to Mass User PII Disclosure via Missing Authorization in YPTWallet users.json.php
Moderate
CVE-2026-34395
was published
for
wwbn/avideo
(Composer)
Mar 31, 2026
AVideo's CSRF on Admin Plugin Configuration Enables Payment Credential Hijacking
High
CVE-2026-34394
was published
for
wwbn/avideo
(Composer)
Mar 31, 2026
AVideo Vulnerable to Reflected XSS via Unsanitized plugin Parameter in YPTWallet Stripe Payment Page
High
CVE-2026-34375
was published
for
wwbn/avideo
(Composer)
Mar 30, 2026
ProTip!
Advisories are also available from the
GraphQL API