[HIGH] AVideo Vulnerable to Reflected XSS via Unsanitized plugin Parameter in YPTWallet Stripe Payment Page

PKSA-vp5k-2k3q-kh8x CVE-2026-34375 GHSA-pm37-62g7-p768

Affected package: wwbn/avideo

Affected version: <=26.0

Reported by:
GitHub