CVE-2025-30933

Published Jul 4, 2025

Last updated 10 days ago

CVSS critical 10.0

Overview

Description
Unrestricted Upload of File with Dangerous Type vulnerability in LiquidThemes LogisticsHub allows Upload a Web Shell to a Web Server. This issue affects LogisticsHub: from n/a through 1.1.6.
Source
audit@patchstack.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
10
Impact score
6
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Severity
CRITICAL

Weaknesses

audit@patchstack.com
CWE-434

Social media

Hype score
Not currently trending

  1. [CVE-2025-30933: CRITICAL] Beware! LiquidThemes LogisticsHub version from n/a through 1.1.6 is vulnerable to Unrestricted File Upload leading to Web Shell upload on Web Servers. #CyberSecurity#cve,CVE-2025-30933,#cybersecurity https://t.co/Ysh2uH9Gw2 https://t.co/TtIFC5PsGL

    @CveFindCom

    4 Jul 2025

    27 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.