A vulnerability identified as problematic has been detected in WWBN AVideo up to 26.0. This issue affects the function
User::isAdmin of the file plugin/Permissions/View/Users_groups_permissions/list.json.php. This manipulation causes missing authorization.
This vulnerability appears as CVE-2026-33501. The attack may be initiated remotely. There is no available exploit.
It is recommended to apply a patch to fix this issue.
