CVE-2025-26325 | ShopXO 6.4.0 ThemeDataService.php unrestricted upload (Issue 86)

Posted by Angelo Barbosa | Feb 28, 2025 | CVE

A vulnerability has been found in ShopXO 6.4.0 and classified as critical. This vulnerability affects unknown code of the file ThemeDataService.php. The manipulation leads to unrestricted upload.

This vulnerability was named CVE-2025-26325. The attack can be initiated remotely. There is no exploit available.

CVE-2025-26325 | ShopXO 6.4.0 ThemeDataService.php unrestricted upload (Issue 86)

Related Posts

CVE-2024-49385 | Acronis True Image up to 41396 on Windows permission assignment

CVE-2024-53781 | Home Junction SpatialMatch IDX Plugin up to 3.0.9 on WordPress cross-site request forgery

CVE-2024-40506 | openPetra 2023.02 serverMHospitality.asmx cross site scripting

CVE-2024-51032 | SourceCodester Toll Tax Management System 1.0 manage_recipient.php owner cross site scripting