CVE-2024-11140

LOW Year: 2024
CVSS v3 Score
3.5
Low
Weakness Type
NVD-CWE-Other
View all →

Vulnerability Description

The Real WP Shop Lite Ajax eCommerce Shopping Cart WordPress plugin through 2.0.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

Related Vulnerabilities

CVE-2016-3531

LOW
CVSS:3.5(Low)

Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect confidentiality via vectors related to PC ...

NVD-CWE-Other2016

CVE-2017-10014

LOW
CVSS:3.5(Low)

Vulnerability in the Oracle Hospitality Hotel Mobile component of Oracle Hospitality Applications (subcomponent: Suite8/RESTAPI). The supported version that is affected is 1.1. Easily exploitable vuln...

NVD-CWE-Other2017

CVE-2017-10308

LOW
CVSS:3.5(Low)

Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Performance). Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerab...

NVD-CWE-Other2017

CVE-2017-3235

LOW
CVSS:3.5(Low)

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2...

NVD-CWE-Other2017

CVE-2019-18179

LOW
CVSS:3.5(Low)

An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.12, and Community Edition 5.0.x through 5.0.38 and 6.0.x through 6.0.23. An attacker who is logged into OTRS as an agent ...

NVD-CWE-Other2019

CVE-2019-2547

LOW
CVSS:3.5(Low)

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows low privileged ...

NVD-CWE-Other2019