VYPR

Badge Management for WooCommerce

by WPC

Source repositories

CVEs (4)

  • CVE-2025-14767MedMay 13, 2026
    WPC
    Badge Management for WooCommerce
    risk 0.29cvss 5.5epss 0.00

    The WPC Badge Management for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'text' attribute of the `wpcbm_best_seller` shortcode in all versions up to, and including, 3.1.6 due to insufficient input sanitization and output escaping. This…

  • CVE-2024-30537Jun 9, 2024
    WPC
    Badge Management for WooCommerce
    risk 0.00cvss epss 0.00

    Missing Authorization vulnerability in WPClever WPC Badge Management for WooCommerce.This issue affects WPC Badge Management for WooCommerce: from n/a through 2.4.0.

  • CVE-2023-39158Oct 3, 2023
    Thedotstore
    WooCommerce Category Banner Management
    risk 0.00cvss epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in theDotstore Banner Management For WooCommerce plugin <= 2.4.2 versions.

  • CVE-2018-11579May 31, 2018
    WordPress
    Woo Category Banner Management
    risk 0.00cvss epss 0.01

    class-woo-banner-management.php in the MULTIDOTS WooCommerce Category Banner Management plugin 1.1.0 for WordPress has an Unauthenticated Settings Change Vulnerability, related to certain wp_ajax_nopriv_ usage. Anyone can change the plugin's setting by simply sending a request…