3 matches found
CVE-2026-34737
WWBN AVideo is an open source video platform. In versions 26.0 and prior, the StripeYPT plugin includes a test.php debug endpoint that is accessible to any logged-in user, not just administrators. This endpoint processes Stripe webhook-style payloads and triggers subscription operations, includin...
WWBN AVideo 安全漏洞
WWBN AVideo is a video platform building system developed by the WWBN team using PHP. Versions of WWBN AVideo prior to 26.0 contained security vulnerabilities. These vulnerabilities stemmed from logical errors in the test.php debugging endpoint of the StripeYPT plugin, which could lead to arbitra...
PT-2026-29364
Name of the Vulnerable Software and Affected Versions AVideo versions 26.0 and prior Description AVideo is an open source video platform. A debug endpoint, test.php, within the StripeYPT plugin is accessible to all logged-in users, not just administrators. This endpoint processes Stripe...