B3NCLOUD ARTICLE INTELLIGENCE

ARTICLEVIEW

Zurück zu News
cvefeed.io
RISK: Mittel (4.0)

CVE-2026-56341 - AVideo - Unauthenticated Access to Payment Log DataTables Endpoints via list.json.php

CVE ID :CVE-2026-56341 Published : June 20, 2026, 6:27 p.m. | 42 minutes ago Description :AVideo through version 26.0 contains multiple unauthenticated list.json.php endpoints in payment plugins lacking authorization checks, exposing PayPal tokens, Authorize.Net webhooks, and Bitcoin...

#Sicherheitslücke
Original-Artikel öffnen Zurück zur Übersicht

VERWANDTEARTIKEL

CVE-2026-56345 - AVideo - Arbitrary User Session Hijacking via Meet Plugin uploadRecordedVideo Endpoint

2026-06-20 Mittel

CVE-2026-56340 - vLLM - Denial of Service via Unvalidated Multimodal Embeddings

2026-06-20 Mittel

CVE-2026-5366 - Git Argument Injection in prefecthq/prefect

2026-06-20 Mittel

CVE-2024-58351 - Flowise - Remote Code Execution via overrideConfig Parameter

2026-06-20 Mittel

CVE-2022-50972 - WooCommerce 7.1.0 Remote Code Execution via class-wc-meta-box-product-images.php

2026-06-20 Mittel

CVE-2020-37255 - WordPress Time Capsule Plugin 1.21.16 Authentication Bypass

2026-06-20 Mittel