The ShopLentor WordPress plugin before 2.5.4 unserializes user input from cookies in order to track viewed products and user data, which could lead to PHP Object Injection.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Shoplentor | Hasthemes | * | 2.5.4 (excluding) |