Lucene search

CVE-2023-0232

🗓️ 21 Feb 2023 09:12:15Reported by WPScanType

The ShopLentor WordPress plugin before 2.5.4 allows PHP Object Injection via unserialized user input from cookies

Reporter	Title	Published	Views	Family All 7
WPVulnDB	ShopLentor < 2.5.4 - PHP Object Injection	28 Jan 202300:00	–	wpvulndb
Cvelist	CVE-2023-0232 ShopLentor < 2.5.4 - PHP Object Injection	21 Feb 202308:51	–	cvelist
NVD	CVE-2023-0232	21 Feb 202309:15	–	nvd
Prion	Design/Logic Flaw	21 Feb 202309:15	–	prion
Patchstack	WordPress ShopLentor Plugin < 2.5.4 is vulnerable to PHP Object Injection	30 Jan 202300:00	–	patchstack
Vulnrichment	CVE-2023-0232 ShopLentor < 2.5.4 - PHP Object Injection	21 Feb 202308:51	–	vulnrichment
OpenVAS	WordPress ShopLentor Plugin < 2.5.4 Multiple Vulnerabilities	28 Feb 202300:00	–	openvas

Nvd

Vulners

Node

hasthemes shoplentorRange<2.5.4wordpress

[
  {
    "vendor": "Unknown",
    "product": "ShopLentor",
    "versions": [
      {
        "status": "affected",
        "versionType": "custom",
        "version": "0",
        "lessThan": "2.5.4"
      }
    ],
    "defaultStatus": "unaffected",
    "collectionURL": "https://wordpress.org/plugins"
  }
]

Source	Link
plugins	www.plugins.trac.wordpress.org/changeset/2852711/woolentor-addons/trunk/includes/helper-function.php
wpscan	www.wpscan.com/vulnerability/1885a708-0e8a-4f4c-8e26-069bebe9a518

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

21 Feb 2023 09:15Current

9.5High risk

Vulners AI Score9.5

CVSS39.8

EPSS0.00242

SSVC