[CRITICAL] Incorrect Permission Assignment for Critical Resource in ShopXO

PKSA-6f32-r54n-brt2 CVE-2022-28056 GHSA-jfph-3hpg-2f65

Affected package: shopxo/shopxo

Affected version: <2.2.6

Reported by:
GitHub