CVE-2026-33502 | WWBN AVideo up to 26.0 HTTP Request plugin/Live/test.php server-side request forgery (GHSA-3fpm-8rjr-v5mc)

Inserito da Angelo Barbosa | Mar 23, 2026 | CVE

A vulnerability, which was classified as critical, was found in WWBN AVideo up to 26.0. Affected by this vulnerability is an unknown functionality of the file plugin/Live/test.php of the component HTTP Request Handler. Such manipulation leads to server-side request forgery.

This vulnerability is referenced as CVE-2026-33502. It is possible to launch the attack remotely. No exploit is available.

It is best practice to apply a patch to resolve this issue.

CVE-2026-33502 | WWBN AVideo up to 26.0 HTTP Request plugin/Live/test.php server-side request forgery (GHSA-3fpm-8rjr-v5mc)

Post correlati

CVE-2024-26927 | Linux Kernel up to 6.1.82/6.6.22/6.7.10/6.8.1 ASoC memory corruption

CVE-2024-4171 | Tenda W30E 1.0/1.0.1.25 /goform/WizardHandle fromWizardHandle PPW stack-based overflow

CVE-2023-50717 | NocoDB up to 0.202.9 HTML File HTML injection

CVE-2023-6878 | Slick Social Share Buttons Plugin up to 2.4.11 on WordPress Option access control