Every CVE whose affected-product data names Hasthemes Shoplentor, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (19)
CVE-2023-0232 — CVSS 9.8 (critical): The ShopLentor WordPress plugin before 2.5.4 unserializes user input from cookies in order to track viewed products and user data, which…
CVE-2025-12493 — CVSS 9.8 (critical): The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +21 Modules – All in One Solution (formerly WooLentor) plugin for…
CVE-2024-4566 — CVSS 7.1 (high): The ShopLentor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the…
CVE-2025-58990 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DevItems ShopLentor woolentor-addons…
CVE-2024-34767 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in HasThemes ShopLentor allows…
CVE-2025-3775 — CVSS 6.5 (medium): The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules – All in One Solution (formerly WooLentor) plugin for…
CVE-2024-1960 — CVSS 6.4 (medium): The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) plugin for…
CVE-2024-2946 — CVSS 6.4 (medium): The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) plugin for…
CVE-2024-3345 — CVSS 6.4 (medium): The ShopLentor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's woolentorsearch shortcode in all versions…
CVE-2025-11823 — CVSS 6.4 (medium): The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +21 Modules – All in One Solution plugin for WordPress is vulnerable to…
CVE-2025-1527 — CVSS 6.4 (medium): The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules – All in One Solution (formerly WooLentor) plugin for…
CVE-2024-1057 — CVSS 6.4 (medium): The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +10 Modules – All in One Solution (formerly WooLentor) plugin for…
CVE-2024-2868 — CVSS 6.4 (medium): The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) plugin for…
CVE-2024-3991 — CVSS 6.4 (medium): The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) plugin for…
CVE-2024-5530 — CVSS 6.4 (medium): The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) plugin for…
CVE-2023-0231 — CVSS 5.4 (medium): The ShopLentor WordPress plugin before 2.5.4 does not validate and escape some of its block options before outputting them back in a…
CVE-2023-6327 — CVSS 5.3 (medium): The ShopLentor (formerly WooLentor) plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on…
CVE-2024-9538 — CVSS 4.3 (medium): The ShopLentor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.9.8 via the…
CVE-2023-7067 — CVSS 4.3 (medium): The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +10 Modules – All in One Solution (formerly WooLentor) plugin for…