[HIGH] AVideo has Path Traversal in pluginRunDatabaseScript.json.php Enables Arbitrary SQL File Execution via Unsanitized Plugin Name

PKSA-9p99-sn38-6cwv CVE-2026-33681 GHSA-3hwv-x8g3-9qpr

Affected package: wwbn/avideo

Affected version: <=26.0

Reported by:
GitHub