Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1110 CNY

100%
Buy Us a Coffee

devitemsllc — Vulnerabilities & Security Advisories 43

Browse all 43 CVE security advisories affecting devitemsllc. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Devitemsllc operates as a software development entity, primarily providing digital assets and components for web applications. Security audits reveal a concerning pattern of forty-three recorded Common Vulnerabilities and Exposures (CVEs), indicating systemic issues in their development lifecycle. The most prevalent vulnerability classes include Remote Code Execution (RCE), Cross-Site Scripting (XSS), and SQL Injection, suggesting inadequate input validation and sanitization protocols. Additionally, instances of broken access control and privilege escalation highlight significant flaws in authentication and authorization mechanisms. These technical deficiencies pose substantial risks to downstream clients relying on devitemsllc’s integrated solutions. While no single catastrophic data breach has been publicly attributed solely to the company, the high volume of critical flaws necessitates rigorous third-party security assessments. Organizations utilizing these components must implement strict sandboxing and continuous monitoring to mitigate the inherent risks associated with the identified attack vectors.

Found 18 results / 43Clear Filters
Top products by devitemsllc: HT Mega Addons for Elementor – Elementor Widgets & Template Builder ShopLentor – All-in-One WooCommerce Growth & Store Enhancement Plugin HT Event – WordPress Event Manager Plugin for Elementor
CVE IDTitleCVSSSeverityPublished
CVE-2026-4059 ShopLentor <= 3.3.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'button_text' Shortcode Attribute — ShopLentor – All-in-One WooCommerce Growth & Store Enhancement PluginCWE-79 6.4 Medium2026-04-14
CVE-2026-1714 ShopLentor <= 3.3.2 - Unauthenticated Email Relay Abuse via 'woolentor_suggest_price_action' AJAX Action — ShopLentor – All-in-One WooCommerce Growth & Store Enhancement PluginCWE-93 8.6 High2026-02-18
CVE-2025-12493 ShopLentor <= 3.2.5 - Unauthenticated Local PHP File Inclusion via 'load_template' — ShopLentor – All-in-One WooCommerce Growth & Store Enhancement PluginCWE-22 9.8 Critical2025-11-04
CVE-2025-11823 ShopLentor – WooCommerce Builder for Elementor & Gutenberg +21 Modules – All in One Solution <= 3.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — ShopLentor – All-in-One WooCommerce Growth & Store Enhancement PluginCWE-80 6.4 Medium2025-10-25
CVE-2025-3775 ShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules – All in One Solution (formerly WooLentor) <= 3.1.2 - Unauthenticated Server-Side Request Forgery via URL Parameter — ShopLentor – All-in-One WooCommerce Growth & Store Enhancement PluginCWE-918 6.5 Medium2025-04-25
CVE-2025-1527 ShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules – All in One Solution (formerly WooLentor) <= 3.1.0 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Flash Sale Countdown Module — ShopLentor – All-in-One WooCommerce Growth & Store Enhancement PluginCWE-79 6.4 Medium2025-03-12
CVE-2024-9538 ShopLentor <= 2.9.8 - Authenticated (Contributor+) Sensitive Information Exposure via WL: FAQ Widget Elementor Template — ShopLentor – All-in-One WooCommerce Growth & Store Enhancement PluginCWE-200 4.3 Medium2024-10-11
CVE-2024-8668 ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) <= 2.9.7 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting — ShopLentor – All-in-One WooCommerce Growth & Store Enhancement PluginCWE-79 6.4 Medium2024-09-25
CVE-2024-5530 ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) <= 2.9.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via WL Product Horizontal Filter Widget — ShopLentor – All-in-One WooCommerce Growth & Store Enhancement PluginCWE-79 6.4 Medium2024-06-11
CVE-2024-3345 ShopLentor <= 2.8.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via woolentorsearch Shortcode — ShopLentor – All-in-One WooCommerce Growth & Store Enhancement PluginCWE-79 6.4 Medium2024-05-21
CVE-2024-4566 ShopLentor <= 2.8.8 - Missing Authorization to WordPress Option Modification — ShopLentor – All-in-One WooCommerce Growth & Store Enhancement PluginCWE-862 7.1 High2024-05-21
CVE-2023-6327 ShopLentor (formerly WooLentor) <= 2.8.7 - Missing Authorization via purchased_new_products — ShopLentor – All-in-One WooCommerce Growth & Store Enhancement PluginCWE-862 5.3 Medium2024-05-09
CVE-2023-7067 ShopLentor <= 2.8.1 - Improper Authorization via woolentor_template_store — ShopLentor – All-in-One WooCommerce Growth & Store Enhancement PluginCWE-862 4.3 Medium2024-05-02
CVE-2024-3991 ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) <= 2.8.7 - Authenticated (contributor+) Stored Cross-Site Scripting via _id — ShopLentor – All-in-One WooCommerce Growth & Store Enhancement PluginCWE-79 6.4 Medium2024-05-02
CVE-2024-1057 ShopLentor – WooCommerce Builder for Elementor & Gutenberg +10 Modules – All in One Solution (formerly WooLentor) <= 2.8.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — ShopLentor – All-in-One WooCommerce Growth & Store Enhancement PluginCWE-79 6.4 Medium2024-04-20
CVE-2024-2946 ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) <= 2.8.4 - Authenticated (Contributor+) Stored Cross-site Scripting via QR Code Widget — ShopLentor – All-in-One WooCommerce Growth & Store Enhancement PluginCWE-79 6.4 Medium2024-04-09
CVE-2024-1960 ShopLentor <= 2.8.1 - Authenticated(Contributor+) Stored Cross-Site Scripting via Banner Link — ShopLentor – All-in-One WooCommerce Growth & Store Enhancement PluginCWE-79 6.4 Medium2024-04-09
CVE-2024-2868 ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) <= 2.8.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via WL Universal Product Layout — ShopLentor – All-in-One WooCommerce Growth & Store Enhancement PluginCWE-79 6.4 Medium2024-04-04

This page lists every published CVE security advisory associated with devitemsllc. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.