shopxo/shopxo Security Advisories for v3.0.3 (4)
-
[MEDIUM] ShopXO Vulnerable to Server-Side Request Forgery (SSRF) via Image Upload
PKSA-j1x4-mxtx-qyhb CVE-2025-28092 GHSA-p736-g6pg-hjhw
Affected version: <=6.4.0
Reported by:
GitHub -
[MEDIUM] ShopXO Vulnerable to Server-Side Request Forgery (SSRF) via Email Settings
PKSA-qhm3-1ghs-3nvy CVE-2025-28093 GHSA-gfhv-5rqh-7qx3
Affected version: <=6.4.0
Reported by:
GitHub -
[MEDIUM] ShopXO Vulnerable to Server-Side Request Forgery (SSRF) and Cross-Site Scripting (XSS)
PKSA-9324-gvhq-vph7 CVE-2025-28094 GHSA-24cf-848g-762c
Affected version: <=6.4.0
Reported by:
GitHub -
[MEDIUM] ShopXO Server-Side Request Forgery Vulnerability
PKSA-s39m-bvy5-njtn CVE-2024-6524 GHSA-c96r-38gv-grp4
Affected version: <=6.1.0
Reported by:
GitHub