Hasthemes Shoplentor
21 CVEs affecting Hasthemes Shoplentor. Latest disclosed: 2025-11-04. Critical: 2, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-12493 | Critical | 9.8 | 2025-11-04 | The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +21 Modules – All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to Loc… |
CVE-2023-0232 | Critical | 9.8 | 2023-02-21 | The ShopLentor WordPress plugin before 2.5.4 unserializes user input from cookies in order to track viewed products and user data, which could lead to PHP Obje… |
CVE-2024-4566 | High | 7.1 | 2024-05-21 | The ShopLentor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_dismiss function in all ve… |
CVE-2025-58990 | Medium | 6.5 | 2025-09-09 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DevItems ShopLentor woolentor-addons allows Stored XSS.Th… |
CVE-2025-3775 | Medium | 6.5 | 2025-04-25 | The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules – All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to Ser… |
CVE-2024-34767 | Medium | 6.5 | 2024-06-03 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in HasThemes ShopLentor allows Stored XSS.This issue… |
CVE-2025-11823 | Medium | 6.4 | 2025-10-25 | The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +21 Modules – All in One Solution plugin for WordPress is vulnerable to Stored Cross-Site Script… |
CVE-2025-1527 | Medium | 6.4 | 2025-03-12 | The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules – All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to a S… |
CVE-2024-5530 | Medium | 6.4 | 2024-06-11 | The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to Sto… |
CVE-2024-3345 | Medium | 6.4 | 2024-05-21 | The ShopLentor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's woolentorsearch shortcode in all versions up to, and includin… |
CVE-2024-3991 | Medium | 6.4 | 2024-05-02 | The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to Sto… |
CVE-2024-1057 | Medium | 6.4 | 2024-04-20 | The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +10 Modules – All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to Sto… |
CVE-2024-2946 | Medium | 6.4 | 2024-04-09 | The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to Sto… |
CVE-2024-1960 | Medium | 6.4 | 2024-04-09 | The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to Sto… |
CVE-2024-2868 | Medium | 6.4 | 2024-04-04 | The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to Sto… |
CVE-2022-46798 | Medium | 5.4 | 2023-03-01 | Cross-Site Request Forgery (CSRF) vulnerability in HasThemes ShopLentor plugin <= 2.5.1 leading to plugin settings change. |
CVE-2023-0231 | Medium | 5.4 | 2023-02-21 | The ShopLentor WordPress plugin before 2.5.4 does not validate and escape some of its block options before outputting them back in a page/post where the block… |
CVE-2023-6327 | Medium | 5.3 | 2024-05-14 | The ShopLentor (formerly WooLentor) plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the purchased_new_pr… |
CVE-2024-9538 | Medium | 4.3 | 2024-10-11 | The ShopLentor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.9.8 via the 'render' function in in… |
CVE-2023-7067 | Medium | 4.3 | 2024-05-02 | The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +10 Modules – All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to una… |