Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 60+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Examples: RCE · SSRF · GHSA · log4j
Filter
Clear filters
High
WWBN/AVideo install/test.php Unauthorized Information Disclosure
github.com · 2026-04-07
WWBN/AVideo <= 26.0
Read more
Low
WWBN/AVideo BlockonomicsYPT Plugin Unauthenticated Access to Payment Order Data
github.com · 2026-04-07
WWBN/AVideo <= 26.0
Read more
Medium
WWBN AVideo SocialMediaPublisher Unauthenticated Access via Instagram Graph API Proxy
github.com · 2026-04-07
WWBN/AVideo <= 26.0
Read more
High
AVideo CSRF Logo Overwrite via Base64 File Write
github.com · 2026-04-07
AVideo <= 26.0
Read more
High
WWBN/AVideo CSRF Vulnerability and ORM Bypass Analysis
github.com · 2026-04-07
WWBN/AVideo <= 26.0
Read more
Medium
WWBN/AVideo StripeYPT Missing Auth RCE via Debug Endpoint (CVE-2020-34737)
CVE-2020-34737 · github.com · 2026-04-02
WWBN/AVideo <= 26.0
Read more
High
CVE-2020-8420: Mass User PII Disclosure via Missing Authorization in YPTWallet
CVE-2020-8420 · github.com · 2026-04-02
YPTWallet <= 26.0
Read more
High
CVE-2025-34394: AVideo CSRF Vulnerability Enables Payment Credential Hijacking
CVE-2025-34394 · github.com · 2026-04-02
WWBN/AVideo <= 26.0
Read more
Medium
CVE-2024-34730: Reflected XSS in WWBN/AVideo User_Location Plugin
CVE-2024-34730 · github.com · 2026-04-02
WWBN/AVideo <= 26.0
Read more
High
WWBN/AVideo CVE-2024-34731 Unauthenticated Live Stream Termination Vulnerability and POC
CVE-2024-34731 · github.com · 2026-04-02
WWBN/AVideo <= 26.0
Read more
Medium
WWBN/AVideo CSRF Vulnerability (CVE-2024-34113) Exploit and PoC
CVE-2024-34113 · github.com · 2026-04-02
AVideo <= 26.0
Read more
Medium
AVideo CVE-2020-26611 CSRF Vulnerability Enables Mass Phishing via emailAllUsers.json.php
CVE-2020-26611 · github.com · 2026-04-02
AVideo <= 26.0
Read more
Medium
WWBN AVideo CVE-2020-34738 Authorization Bypass via overrideStatus
CVE-2020-34738 · github.com · 2026-04-02
WWBN/AVideo <= 26.0
Read more
Medium
CVE-2024-34396: Stored XSS in WWBN/AVideo Admin Panel with CSRF Chain POC
CVE-2024-34396 · github.com · 2026-04-02
WWBN/AVideo <= 26.0
Read more
Medium
AVideo CVE-2025-34732 Missing Auth in CreatePlugin list.json.php
CVE-2025-34732 · github.com · 2026-04-02
AVideo <= 26.0
Read more
Medium
DOM XSS in WWBN/AVideo YPTSocket Plugin via WebSocket (CVE-2024-34716)
CVE-2024-34716 · github.com · 2026-04-02
WWBN/AVideo <= 26.0
Read more
Medium
AVideo CVE-2024-34740 Stored SSRF via EPG Link
CVE-2024-34740 · github.com · 2026-04-02
WWBN/AVideo <= 26.0
Read more
Medium
WWBN/AVideo PHP Operator Precedence Flaw Leads to Unauthenticated File Deletion (CVE-2025-XXXX)
CVE-2025-XXXX · github.com · 2026-04-02
WWBN/AVideo <= 26.0
Read more
High
AVideo 18.0 Stored XSS via Parsedown Unsafe Mode (CVE-2026-27568)
CVE-2026-27568 · github.com · 2026-02-25
AVideo 18.0
Read more
High
CVE-2026-27732: Authenticated SSRF in AVideo <22
GHSA-h39h-7cvg-q7j6 · github.com · 2026-02-25
WWBN/AVideo <22
Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.