[MEDIUM] ShopXO Vulnerable to Server-Side Request Forgery (SSRF) via Image Upload

PKSA-j1x4-mxtx-qyhb CVE-2025-28092 GHSA-p736-g6pg-hjhw

Affected package: shopxo/shopxo

Affected version: <=6.4.0

Reported by:
GitHub