A vulnerability, which was classified as problematic , has been found in devitemsllc ShopLentor Plugin up to 3.3.5 on WordPress. Affected by this issue is the function woolentor_quickview_button of the component Shortcode Handler . The manipulation leads to cross site scripting. This vulnerability is documented as CVE-2026-4059 . The attack can be initiated remotely. There is not any exploit available. It is advisable to upgrade the affected component.