Severe Financial Stagnation and Bottom-Tier Market Ranking (high) CodeBard, founded in 2014 (11 years old as of the September 2025 profile update), remains 'unfunded' and ranks 13th out of 13 active competitors in the workflow automation sector. This indicates a severe lack of market traction, inability to secure capital, or a failed business model over a prolonged period.. Recent Critical Security Vulnerability (Stored XSS) (high) A critical security vulnerability (CVE-2025-22757) was disclosed on January 31, 2025, involving Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in the CodeBard Help Desk plugin, allowing Stored XSS.. Systemic Pattern of Multiple Cross-Site Scripting (XSS) Vulnerabilities (high) CodeBard has a recurring issue with XSS vulnerabilities across multiple products, indicating poor security practices. Recent examples include: CVE-2025-22760 (Reflected XSS in Help Desk), CVE-2024-33928 (Reflected XSS in Patron Button and Widgets, CVSS 7.1), and CVE-2023-48329 (Stored XSS in Fast Custom Social Share).. Systemic Pattern of Cross-Site Request Forgery (CSRF) Vulnerabilities (high) CodeBard products exhibit a pattern of CSRF vulnerabilities, allowing unauthorized actions on behalf of authenticated users. Recent examples include: CVE-2024-56222 (CSRF in CodeBard Help Desk, disclosed Dec 31, 2024) and CVE-2024-34807 (CSRF in Fast Custom Social Share).. Historical Customer Complaint Regarding Defective Product and Liability Denial (medium) A customer reported on April 19, 2018, that a 'defective plug in' caused their blog to go down, and CodeBard allegedly responded by minimizing the damage, stating they 'don’t think it could have cost me much.'