Ammonia

**Name of the Vulnerable Software and Affected Versions** ShopLentor - WooCommerce Builder for Elementor & Gutenberg versions prior to 3.3.9 **Description** The ShopLentor - WooCommerce Builder for Elementor & Gutenberg plugin for WordPress contains a Stored Cross-Site Scripting issue. This occurs due to insufficient input sanitization and output escaping within the `blockUniqId` block attribute across multiple Product Gride blocks. Authenticated attackers with contributor-level access or higher can inject arbitrary web scripts into pages, which then execute when a user visits the affected page. **Recommendations** Update the plugin to a version later than 3.3.8.