15 matches found
CVE-2026-1714
The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +21 Modules – All in One Solution plugin for WordPress is vulnerable to Email Relay Abuse in all versions up to, and including, 3.3.2. This is due to the lack of validation on the 'sendto', 'producttitle', 'wlmessage', and 'wlemail'...
PT-2025-44584
Name of the Vulnerable Software and Affected Versions King Addons for Elementor versions 24.12.92 through 51.1.14 ShopLentor WordPress Plugin affected versions not specified Description King Addons for Elementor, a WordPress plugin, has a critical privilege escalation issue CVE-2025-8489 that...
EUVD-2024-32557
Malicious code in bioql PyPI...
EUVD-2023-59254
Malicious code in bioql PyPI...
EUVD-2024-16832
Malicious code in bioql PyPI...
EUVD-2024-27812
Malicious code in bioql PyPI...
CVE-2024-8668
The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution formerly WooLentor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the tooltip and countdown functionality in all versions up to, and including, 2.9.7 due to insufficient input...
CVE-2025-3775 ShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules – All in One Solution (formerly WooLentor) <= 3.1.2 - Unauthenticated Server-Side Request Forgery via URL Parameter
The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules – All in One Solution formerly WooLentor plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.1.2 via the woolentortemplateproxy function. This makes it possible for...
CVE-2025-3775 ShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules – All in One Solution (formerly WooLentor) <= 3.1.2 - Unauthenticated Server-Side Request Forgery via URL Parameter
The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules – All in One Solution formerly WooLentor plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.1.2 via the woolentortemplateproxy function. This makes it possible for...
WordPress ShopLentor plugin <= 3.1.2 - Unauthenticated Server-Side Request Forgery via URL Parameter vulnerability
Unauthenticated Server-Side Request Forgery via URL Parameter vulnerability discovered by mikemyers in WordPress Plugin ShopLentor versions = 3.1.2...
CVE-2025-1527
The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules – All in One Solution formerly WooLentor plugin for WordPress is vulnerable to a Stored DOM-Based Cross-Site Scripting via the plugin's Flash Sale Countdown module in all versions up to, and including, 3.1.0 due to...
CVE-2025-1527 ShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules – All in One Solution (formerly WooLentor) <= 3.1.0 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Flash Sale Countdown Module
The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules – All in One Solution formerly WooLentor plugin for WordPress is vulnerable to a Stored DOM-Based Cross-Site Scripting via the plugin's Flash Sale Countdown module in all versions up to, and including, 3.1.0 due to...
CVE-2024-4566
The ShopLentor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxdismiss function in all versions up to, and including, 2.8.8. This makes it possible for authenticated attackers, with contributor-level access and above, to set...
WordPress plugin ShopLentor 信息泄露漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information...
WordPress plugin ShopLentor security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...