CVE-2026-56342 | AVideo up to 27.0 Network Configuration plugin/Live/test.php isSSRFSafeURL statsURL server-side request forgery (GHSA-wxjx-r2j2-96fx)

Inserito da Angelo Barbosa | Giu 20, 2026 | CVE

A vulnerability classified as critical has been found in AVideo up to 27.0. This affects the function isSSRFSafeURL of the file plugin/Live/test.php of the component Network Configuration Handler. Performing a manipulation of the argument statsURL results in server-side request forgery.

This vulnerability is reported as CVE-2026-56342. The attack is possible to be carried out remotely. No exploit exists.

CVE-2026-56342 | AVideo up to 27.0 Network Configuration plugin/Live/test.php isSSRFSafeURL statsURL server-side request forgery (GHSA-wxjx-r2j2-96fx)

Post correlati

CVE-2024-8902 | Elementor Addon Elements Plugin up to 1.13.8 on WordPress table_saved_sections information disclosure

CVE-2025-65404 | Live555 Streaming Media 2018.09.02 MP3 Stream getSideInfo2 buffer overflow

CVE-2023-46932 | GPAC 2.3-DEV-rev617-g671976fcc-master MP4Box src/media_tools/avilib.c denial of service

CVE-2024-10726 | mainichiweb Friendly Functions for Welcart Plugin up to 1.2.4 on WordPress Setting cross-site request forgery