CVE-2023-25970

Name of the Vulnerable Software and Affected Versions Zendrop – Global Dropshipping versions 1.0.0 and earlier

Description The issue is related to an Unrestricted Upload of File with Dangerous Type, which affects Zendrop – Global Dropshipping. This allows for the upload of files with potentially dangerous types, posing a security risk.

Recommendations For versions 1.0.0 and earlier, consider restricting file uploads to only allow safe file types until a patch is available. As a temporary workaround, consider disabling file upload functionality until a fix is provided. At the moment, there is no information about a newer version that contains a fix for this vulnerability.