Avatar — Vulnerabilities & Security Advisories 2

All 2 CVE vulnerabilities found in Avatar, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-3520	Avatar <= 0.1.4 - Authenticated (Subscriber+) Arbitrary File Deletion CWE-22	8.1	High	2025-04-18
CVE-2025-39434	WordPress Avatar plugin <= 0.1.4 - Insecure Direct Object References (IDOR) vulnerability CWE-639	4.3	Medium	2025-04-17

All 2 known CVE vulnerabilities affecting Avatar with full Chinese analysis, references, and POCs where available.