Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/04/01 11:0 p.m.4 views

CVE-2026-34737

WWBN AVideo is an open source video platform. In versions 26.0 and prior, the StripeYPT plugin includes a test.php debug endpoint that is accessible to any logged-in user, not just administrators. This endpoint processes Stripe webhook-style payloads and triggers subscription operations, includin...

6.5CVSS6AI score0.00281EPSS
Exploits1References1
EUVD
EUVD
added 2026/04/01 9:6 p.m.8 views

EUVD-2026-17654

AVideo: Arbitrary Stripe Subscription Cancellation via Debug Endpoint and retrieveSubscriptions Bug...

6.5CVSS5.8AI score0.00281EPSS
Exploits1References3
NVD
NVD
added 2026/03/31 9:16 p.m.1 views

CVE-2026-34737

WWBN AVideo is an open source video platform. In versions 26.0 and prior, the StripeYPT plugin includes a test.php debug endpoint that is accessible to any logged-in user, not just administrators. This endpoint processes Stripe webhook-style payloads and triggers subscription operations, includin...

6.5CVSS0.00281EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/03/31 8:53 p.m.21 views

CVE-2026-34737 AVideo: Arbitrary Stripe Subscription Cancellation via Debug Endpoint and retrieveSubscriptions() Bug

WWBN AVideo is an open source video platform. In versions 26.0 and prior, the StripeYPT plugin includes a test.php debug endpoint that is accessible to any logged-in user, not just administrators. This endpoint processes Stripe webhook-style payloads and triggers subscription operations, includin...

6.5CVSS0.00281EPSS
Exploits1References1
Rows per page
Query Builder