[HIGH] WWBN AVideo has a CORS Origin Reflection Bypass via plugin/API/router.php and allowOrigin(true) Exposes Authenticated API Responses

PKSA-tsyg-vszv-9tkz GHSA-ff5q-cc22-fgp4

Affected package: wwbn/avideo

Affected version: <=29.0

Reported by:
GitHub