A vulnerability categorized as problematic has been discovered in WWBN AVideo up to 29.0 . This impacts the function users_list of the file objects/plugins.json.php of the component API Endpoint . Such manipulation leads to information disclosure. This vulnerability is listed as CVE-2026-43885 . The attack may be performed from remote. There is no available exploit. Applying a patch is advised to resolve this issue.