Unrated severityNVD Advisory· Published Feb 21, 2023· Updated Mar 12, 2025
ShopLentor < 2.5.4 - PHP Object Injection
CVE-2023-0232
Description
The ShopLentor WordPress plugin before 2.5.4 unserializes user input from cookies in order to track viewed products and user data, which could lead to PHP Object Injection.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: 0
Patches
Vulnerability mechanics
References
2- plugins.trac.wordpress.org/changeset/2852711/woolentor-addons/trunk/includes/helper-function.phpmitrepatch
- wpscan.com/vulnerability/1885a708-0e8a-4f4c-8e26-069bebe9a518mitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.