CVE-2024-9538 in ShopLentor Plugininfo

Summary

by MITRE • 10/11/2024

The ShopLentor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.9.8 via the 'render' function in includes/addons/wl_faq.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft Elementor template data.

Be aware that VulDB is the high quality source for vulnerability data.

Analysis

by VulDB Data Team • 11/26/2025

The ShopLentor plugin for WordPress presents a critical sensitive information exposure vulnerability that affects all versions up to and including 2.9.8. This vulnerability specifically resides within the 'render' function located in the includes/addons/wl_faq.php file, creating a significant security risk for WordPress installations that utilize this plugin. The flaw allows authenticated attackers who possess Contributor-level access or higher privileges to extract confidential data from Elementor templates that are marked as private, pending, or draft status. This represents a fundamental breakdown in access control mechanisms within the plugin's code structure.

The technical nature of this vulnerability stems from improper authorization checks within the render function that processes FAQ elements in the plugin's functionality. When authenticated users with Contributor permissions attempt to access certain endpoints or functions, the plugin fails to properly validate whether the requesting user has appropriate permissions to view the specific template data in question. This weakness enables attackers to bypass normal access restrictions that should prevent unauthorized viewing of unpublished or private content. The vulnerability operates at the application layer and leverages the existing authentication mechanism to escalate privileges within the plugin's scope, making it particularly dangerous as it requires minimal additional exploitation effort beyond establishing initial authenticated access.

The operational impact of this vulnerability extends beyond simple data exposure, as it compromises the integrity and confidentiality of unpublished content that may contain sensitive business information, proprietary designs, or strategic planning elements. Attackers with Contributor-level access can potentially extract complete Elementor templates that are in draft state, including their associated styling, content, and structural configurations. This exposure could lead to competitive intelligence theft, intellectual property leakage, or unauthorized modification of content that should remain private until publication. The vulnerability affects not only the immediate content but also potentially exposes underlying template structures that could aid in further exploitation attempts against the WordPress installation or related systems.

Organizations utilizing the ShopLentor plugin must implement immediate mitigations to address this vulnerability. The most effective solution involves updating to the latest version of the plugin where the access control mechanisms have been properly implemented and tested. Until such updates are available, administrators should consider restricting Contributor-level access to only essential functionalities and implementing additional monitoring of plugin usage patterns. The vulnerability aligns with CWE-284 which addresses improper access control, and represents a specific implementation of the broader category of privilege escalation through insufficient authorization checks. From an att&ck framework perspective, this vulnerability maps to privilege escalation techniques where adversaries leverage existing credentials to access restricted data, potentially enabling further compromise through information gathering phases. Security teams should also consider implementing network-level monitoring to detect unusual patterns in plugin API calls or template data access requests that could indicate exploitation attempts.

Reservation

10/04/2024

Disclosure

10/11/2024

Moderation

accepted

CPE

ready

EPSS

0.00397

KEV

no

Activities

very low

Sources

Do you want to use VulDB in your project?

Use the official API to access entries easily!