10 matches found
CVE-2025-14767
The WPC Badge Management for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'text' attribute of the wpcbmbestseller shortcode in all versions up to, and including, 3.1.6 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2025-14767
The WPC Badge Management for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'text' attribute of the wpcbmbestseller shortcode in all versions up to, and including, 3.1.6 due to insufficient input sanitization and output escaping. This makes it possible for...
EUVD-2025-209823
The WPC Badge Management for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'text' attribute of the wpcbmbestseller shortcode in all versions up to, and including, 3.1.6 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2025-14767 WPC Badge Management for WooCommerce <= 3.1.6 - Authenticated (Shop Manager+) Stored Cross-Site Scripting via 'text' Attribute
The WPC Badge Management for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'text' attribute of the wpcbmbestseller shortcode in all versions up to, and including, 3.1.6 due to insufficient input sanitization and output escaping. This makes it possible for...
PT-2026-40581
The WPC Badge Management for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'text' attribute of the wpcbm best seller shortcode in all versions up to, and including, 3.1.6 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2024-30537 WordPress WPC Badge Management for WooCommerce plugin <= 2.4.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in WPClever WPC Badge Management for WooCommerce.This issue affects WPC Badge Management for WooCommerce: from n/a through 2.4.0...
CVE-2024-30537
CVE-2024-30537 concerns the WPC Badge Management for WooCommerce plugin (WordPress) with versions up to 2.4.0. Descriptions in connected sources identify a Missing Authorization / Broken Access Control vulnerability that could allow unauthorized access. Public references indicate the issue affect...
CVE-2024-30537 WordPress WPC Badge Management for WooCommerce plugin <= 2.4.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in WPClever WPC Badge Management for WooCommerce.This issue affects WPC Badge Management for WooCommerce: from n/a through 2.4.0...
PT-2024-23466 · Wpclever · Wpc Badge Management For Woocommerce
Name of the Vulnerable Software and Affected Versions: WPC Badge Management for WooCommerce versions 2.4.0 and earlier Description: The issue is related to a Missing Authorization vulnerability in WPClever WPC Badge Management for WooCommerce. This vulnerability allows unauthorized access due to...
WordPress WPC Badge Management for WooCommerce plugin <= 2.4.0 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin WPC Badge Management for WooCommerce versions = 2.4.0...