A vulnerability was found in wpclever WPC Badge Management for WooCommerce Plugin up to 3.1.6 on WordPress. It has been classified as problematic . The affected element is the function wpcbm_best_seller of the component Shortcode Handler . Performing a manipulation of the argument text results in cross site scripting. This vulnerability is identified as CVE-2025-14767 . The attack can be initiated remotely. There is not any exploit available.