VYPR

WooLentor

by WordPress

CVEs (2)

  • CVE-2024-1960MedApr 9, 2024
    risk 0.35cvss 6.4epss 0.01

    The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Special Offer Day Widget Banner Link in all versions up to, and including, 2.8.1…

  • CVE-2021-24262MedMay 5, 2021
    risk 0.35cvss 5.4epss 0.01

    The “WooLentor – WooCommerce Elementor Addons + Builder” WordPress Plugin before 1.8.6 has a widget that is vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.