Description
The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules – All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.1.2 via the woolentor_template_proxy function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application, and can be used to query and modify information from internal services.
Published: 2025-04-25
Score: 6.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Server‑Side Request Forgery
Action: Update plugin
AI Analysis

Impact

The vulnerability in the ShopLentor plugin allows an unauthenticated attacker to supply an arbitrary URL to the woolentor_template_proxy function, resulting in a server‑side request forgery (SSRF). With this flaw an adversary can have the WordPress application issue HTTP requests to any target, including internal services, potentially exposing sensitive data or manipulating internal resources. The weakness is classified as CWE‑918.

Affected Systems

The affected product is the ShopLentor – All‑in‑One WooCommerce Growth & Store Enhancement Plugin from devitemsllc. All released versions up to and including 3.1.2 are vulnerable, and any WordPress site running one of these versions is susceptible.

Risk and Exploitability

The CVSS score of 6.5 indicates medium severity. The EPSS score of less than 1% suggests a low likelihood of exploitation in the wild at this time, and the issue is not currently listed in the CISA KEV catalog. Because the SSRF endpoint accepts a URL parameter without authentication, the attack vector is a publicly reachable request whose URL parameter the attacker controls. If exploited, the attacker could harvest internal network information or perform additional actions against services that can be reached from the hosting environment.

Generated by OpenCVE AI on April 21, 2026 at 21:08 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the ShopLentor plugin to version 3.1.3 or later when it becomes available.
  • If upgrading immediately is not possible, disable or restrict access to the woolentor_template_proxy endpoint (for example, by removing the relevant menu item or applying a path‑based firewall rule).
  • Restrict outbound HTTP(S) traffic from the WordPress host to only approved external domains, limiting the reach of any SSRF exploitation.


Advisories
Source: EUVD
ID: EUVD-2025-12403
Title: The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules – All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.1.2 via the woolentor_template_proxy function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application, and can be used to query and modify information from internal services.

History

Wed, 26 Nov 2025 17:45:00 +0000

Values added:
First Time appeared: Hasthemes; Hasthemes shoplentor
CPEs: cpe:2.3:a:hasthemes:shoplentor:*:*:*:*:*:wordpress:*:*
Vendors & Products: Hasthemes; Hasthemes shoplentor

Fri, 25 Apr 2025 15:15:00 +0000

Values added:
Metrics (ssvc): {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 25 Apr 2025 04:45:00 +0000

Values added:
Description: The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules – All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.1.2 via the woolentor_template_proxy function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application, and can be used to query and modify information from internal services.
Title: ShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules – All in One Solution (formerly WooLentor) <= 3.1.2 - Unauthenticated Server-Side Request Forgery via URL Parameter
Weaknesses: CWE-918
References:
Metrics (cvssV3_1): {'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N'}


MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-04-08T16:51:38.675Z

Reserved: 2025-04-17T16:40:43.199Z

Link: CVE-2025-3775

Vulnrichment

Updated: 2025-04-25T15:10:22.244Z

NVD

Status: Analyzed

Published: 2025-04-25T05:15:33.153

Modified: 2025-11-26T17:32:55.893

Link: CVE-2025-3775

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-21T21:15:45Z

Weaknesses