WWBN/AVideo
php · WWBN/AVideoHeads-up
AVideo YouTubeAPI Plugin Reflected XSS via search Parameter
Reflected XSS vulnerability in YouTubeAPI plugin: unsanitized $_GET['search'] concatenated into href attributes in plugin/YouTubeA
09 Jun 2026 · schedule it
php · WWBN/AVideoHeads-up
AVideo YouTubeAPI Plugin Stored XSS via snippet.title
Stored XSS vulnerability in AVideo YouTubeAPI plugin: `snippet.
09 Jun 2026 · schedule it
php · WWBN/AVideoCritical
AVideo YPTSocket Plugin Unauthenticated Stored DOM XSS via page_title
Unauthenticated stored DOM XSS via `page_title` broadcast in AVideo YPTSocket plugin.
09 Jun 2026 · act now