cleantalk
Vulnerabilities and Security Researches

ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor), CVE-2024-34767

CVE, Research URL

CVE-2024-34767

Home page URL

Security reports for ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor)

Application

ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor)

Published on
Jun 03, 2024
Research Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in HasThemes ShopLentor allows Stored XSS.This issue affects ShopLentor: from n/a through 2.8.7.
Affected versions
Min -, max 2.8.8.
Status
vulnerable
Previous vulnerability researches
ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) (CVE-2024-8668) , Sep 26, 2024
ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) (CVE-2025-3775) , Apr 26, 2025
ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) (CVE-2025-1527) , Mar 12, 2025
ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) (CVE-2024-5530) , Jun 13, 2024
ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) (CVE-2024-9538) , Oct 11, 2024
New vulnerability
Create custom forms for WordPress with a smart form plugin for smart businesses – Form builder for WordPress (CVE-2025-2801) , Apr 27, 2025
Integração entre Eduzz e Woocommerce (CVE-2025-3906) , Apr 27, 2025
Xelion Webchat (CVE-2025-3058) , Apr 27, 2025
Breeze Display (CVE-2025-3749) , Apr 27, 2025
Add Google +1 (Plus one) social share Button (CVE-2025-3866) , Apr 27, 2025