[MEDIUM] AVideo has Stored XSS via Unescaped Plugin Configuration Values in Admin Panel

PKSA-8d8v-tnwh-mvxd CVE-2026-34396 GHSA-v4h7-3x43-qqw4

Affected package: wwbn/avideo

Affected version: <=26.0

Reported by:
GitHub