Hasthemes Shoplentor

21 CVEs affecting Hasthemes Shoplentor. Latest disclosed: 2025-11-04. Critical: 2, High: 1.

Top CVEs affecting Hasthemes Shoplentor
CVESeverityScorePublishedSummary
CVE-2025-12493Critical9.82025-11-04The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +21 Modules – All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to Loc…
CVE-2023-0232Critical9.82023-02-21The ShopLentor WordPress plugin before 2.5.4 unserializes user input from cookies in order to track viewed products and user data, which could lead to PHP Obje…
CVE-2024-4566High7.12024-05-21The ShopLentor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_dismiss function in all ve…
CVE-2025-58990Medium6.52025-09-09Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DevItems ShopLentor woolentor-addons allows Stored XSS.Th…
CVE-2025-3775Medium6.52025-04-25The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules – All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to Ser…
CVE-2024-34767Medium6.52024-06-03Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in HasThemes ShopLentor allows Stored XSS.This issue…
CVE-2025-11823Medium6.42025-10-25The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +21 Modules – All in One Solution plugin for WordPress is vulnerable to Stored Cross-Site Script…
CVE-2025-1527Medium6.42025-03-12The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules – All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to a S…
CVE-2024-5530Medium6.42024-06-11The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to Sto…
CVE-2024-3345Medium6.42024-05-21The ShopLentor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's woolentorsearch shortcode in all versions up to, and includin…
CVE-2024-3991Medium6.42024-05-02The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to Sto…
CVE-2024-1057Medium6.42024-04-20The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +10 Modules – All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to Sto…
CVE-2024-2946Medium6.42024-04-09The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to Sto…
CVE-2024-1960Medium6.42024-04-09The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to Sto…
CVE-2024-2868Medium6.42024-04-04The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to Sto…
CVE-2022-46798Medium5.42023-03-01Cross-Site Request Forgery (CSRF) vulnerability in HasThemes ShopLentor plugin <= 2.5.1 leading to plugin settings change.
CVE-2023-0231Medium5.42023-02-21The ShopLentor WordPress plugin before 2.5.4 does not validate and escape some of its block options before outputting them back in a page/post where the block…
CVE-2023-6327Medium5.32024-05-14The ShopLentor (formerly WooLentor) plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the purchased_new_pr…
CVE-2024-9538Medium4.32024-10-11The ShopLentor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.9.8 via the 'render' function in in…
CVE-2023-7067Medium4.32024-05-02The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +10 Modules – All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to una…