CVE-2026-33502 | WWBN AVideo up to 26.0 HTTP Request plugin/Live/test.php server-side request forgery (GHSA-3fpm-8rjr-v5mc)

Inserito da Angelo Barbosa | Mar 23, 2026 | CVE

A vulnerability, which was classified as critical, was found in WWBN AVideo up to 26.0. Affected by this vulnerability is an unknown functionality of the file plugin/Live/test.php of the component HTTP Request Handler. Such manipulation leads to server-side request forgery.

This vulnerability is referenced as CVE-2026-33502. It is possible to launch the attack remotely. No exploit is available.

It is best practice to apply a patch to resolve this issue.

CVE-2026-33502 | WWBN AVideo up to 26.0 HTTP Request plugin/Live/test.php server-side request forgery (GHSA-3fpm-8rjr-v5mc)

Post correlati

CVE-2023-41542 | jeecg-boot 3.5.3 jmreport/qurestSql sql injection

CVE-2024-49520 | Adobe Substance3D Painter up to 10.1.0 out-of-bounds write (apsb24-86)

CVE-2024-35698 | YITH WooCommerce Tab Manager Plugin up to 1.35.0 on WordPress cross site scripting

CVE-2024-0616 | Passster Plugin up to 4.2.6.2 on WordPress authorization