CVE-2025-14767

The WPC Badge Management for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'text' attribute of the wpcbmbestseller shortcode in all versions up to, and including, 3.1.6 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2025-14767

The WPC Badge Management for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'text' attribute of the wpcbmbestseller shortcode in all versions up to, and including, 3.1.6 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2025-14767 WPC Badge Management for WooCommerce <= 3.1.6 - Authenticated (Shop Manager+) Stored Cross-Site Scripting via 'text' Attribute

The WPC Badge Management for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'text' attribute of the wpcbmbestseller shortcode in all versions up to, and including, 3.1.6 due to insufficient input sanitization and output escaping. This makes it possible for...

EUVD-2025-209823

The WPC Badge Management for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'text' attribute of the wpcbmbestseller shortcode in all versions up to, and including, 3.1.6 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2025-14767 WPC Badge Management for WooCommerce <= 3.1.6 - Authenticated (Shop Manager+) Stored Cross-Site Scripting via 'text' Attribute

The WPC Badge Management for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'text' attribute of the wpcbmbestseller shortcode in all versions up to, and including, 3.1.6 due to insufficient input sanitization and output escaping. This makes it possible for...

PT-2026-40581

The WPC Badge Management for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'text' attribute of the wpcbm best seller shortcode in all versions up to, and including, 3.1.6 due to insufficient input sanitization and output escaping. This makes it possible for...

WordPress WPC Badge Management for WooCommerce plugin <= 3.1.6 - Authenticated (Shop Manager+) Stored Cross-Site Scripting vulnerability

Authenticated Shop Manager+ Stored Cross-Site Scripting vulnerability discovered by zaim in WordPress Plugin WPC Badge Management for WooCommerce versions = 3.1.6...

EUVD-2025-25176

Malicious code in bioql PyPI...

CVE-2025-4046

A missing authorization vulnerability in Lexmark Cloud Services badge management allows attacker to reassign badges within their organization...

CVE-2025-4046

A missing authorization vulnerability in Lexmark Cloud Services badge management allows attacker to reassign badges within their organization...

CVE-2025-4046 Missing Authorization in Lexmark Cloud Services badge management

A missing authorization vulnerability in Lexmark Cloud Services badge management allows attacker to reassign badges within their organization...

CVE-2025-4046 Missing Authorization in Lexmark Cloud Services badge management

A missing authorization vulnerability in Lexmark Cloud Services badge management allows attacker to reassign badges within their organization...

CVE-2025-4046

CVE-2025-4046 describes a Missing Authorization vulnerability in Lexmark Cloud Services badge management that could allow reassigning badges within an organization. Affected surface: Lexmark Cloud Services badge management component; root cause: insufficient access control enabling unauthorized r...

Lexmark Cloud Services 安全漏洞

Lexmark Cloud Services is a cloud-based suite of services from Lexmark, Inc. A security vulnerability exists in Lexmark Cloud Services that stems from a lack of authorization for badge management and could allow an attacker to reassign badges within an organization...

CVE-2024-30537

Missing Authorization vulnerability in WPClever WPC Badge Management for WooCommerce.This issue affects WPC Badge Management for WooCommerce: from n/a through 2.4.0...

CVE-2025-26531 IDOR in badges allows disabling of arbitrary badges

Insufficient capability checks made it possible to disable badges a user does not have permission to access...

CVE-2024-30537

Missing Authorization vulnerability in WPClever WPC Badge Management for WooCommerce.This issue affects WPC Badge Management for WooCommerce: from n/a through 2.4.0...

CVE-2024-30537

CVE-2024-30537 concerns the WPC Badge Management for WooCommerce plugin (WordPress) with versions up to 2.4.0. Descriptions in connected sources identify a Missing Authorization / Broken Access Control vulnerability that could allow unauthorized access. Public references indicate the issue affect...

CVE-2024-30537 WordPress WPC Badge Management for WooCommerce plugin <= 2.4.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in WPClever WPC Badge Management for WooCommerce.This issue affects WPC Badge Management for WooCommerce: from n/a through 2.4.0...

CVE-2024-30537 WordPress WPC Badge Management for WooCommerce plugin <= 2.4.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in WPClever WPC Badge Management for WooCommerce.This issue affects WPC Badge Management for WooCommerce: from n/a through 2.4.0...