WordPress ShopLentor Plugin < 2.5.4 Multiple Vulnerabilities

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:hasthemes:woolentor-woocommerceelementoraddons%2bbuilder";...

CVE-2023-0232

creationtimestamp| type| source ---|---|--- 2023-02-21 12:21:37+00:00| seen| https://t.me/cibsecurity/58579...

CVE-2023-0232 ShopLentor < 2.5.4 - PHP Object Injection

The ShopLentor WordPress plugin before 2.5.4 unserializes user input from cookies in order to track viewed products and user data, which could lead to PHP Object Injection...

WordPress ShopLentor Plugin < 2.5.4 is vulnerable to PHP Object Injection

Software ShopLentor Type Plugin Vulnerable versions 2.5.4 Fixed in 2.5.4 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2023-0232 Patch priority High CVSS severity High 5.4 Developer Claim ownership PSID 0065ec87acd5 Credits WPScan Required privilege Unauthenticated...