ShopLentor – All-in-One WooCommerce Growth & Store Enhancement Plugin

Vulnerabilities 26Slug woolentor-addonsLatest version 3.3.9WordPress.org →

Minimum safe version

3.3.6

Update to 3.3.6 or later to address 26 fixable vulnerabilities

Latest available3.3.9 ✓

N/A

2026-02-17< 3.3.3

ShopLentor <= 3.3.2 - Unauthenticated Email Relay Abuse via 'woolentor_suggest_price_action' AJAX Action

Wordfence CVE

N/A

2026-04-13< 3.3.6

ShopLentor <= 3.3.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'button_text' Shortcode Attribute

Wordfence CVE

Critical 9.8

2025-11-04< 3.2.6

CVE-2025-12493

CVE Wordfence

Medium 6.4

2025-10-25< 3.2.5

CVE-2025-11823

CVE EUVD Wordfence

Medium 5.4

2025-09-09< 3.2.1

CVE-2025-58990

CVE Wordfence EUVD

Medium 6.5

2025-04-25< 3.1.3

ShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules – All in One Solution (formerly WooLentor) <= 3.1.2 - Unauthenticated Server-Side Request Forgery via URL Parameter

EUVD Wordfence CVE

Medium 6.4

2025-03-12< 3.1.1

ShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules – All in One Solution (formerly WooLentor) <= 3.1.0 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Flash Sale Countdown Module

EUVD Wordfence Patchstack CVE

Medium 6.5

2024-10-11< 2.9.9

CVE-2024-9538

CVE Patchstack Wordfence

Medium 5.4

2024-09-25< 2.9.8

CVE-2024-8668

CVE Patchstack Wordfence

Medium 5.4

2024-06-11< 2.9.1

CVE-2024-5530