CVE-2025-30933

Name of the Vulnerable Software and Affected Versions: LiquidThemes LogisticsHub versions 1.1.6 and earlier

Description: The issue allows for the unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to a web server. This can lead to significant security breaches.

Recommendations: For versions 1.1.6 and earlier, consider disabling file upload functionality until a patch is available to prevent the upload of malicious files. Restrict access to sensitive areas of the web server to minimize the risk of exploitation. Avoid using the vulnerable version of LogisticsHub until an update is released. At the moment, there is no information about a newer version that contains a fix for this vulnerability.