Thought I'd suggest that you add an HTTP Parameter Pollution challenge.
Interestingly while I was poking around the heroku instance I found the following:
1) Search is somewhat impacted, if you specify two q params and values the search result page doesn't render properly. i.e.: http://juice-shop.herokuapp.com/#/search?q=hoodie&q=lemon
2) Contact form does seem vulnerable, though tampering POST/JSON may not be everyone's cup of tea... It's also a kind of weak example and doesn't really get the "attacker" anything useful in the end.
Example:
Request:
POST /api/Feedbacks/ HTTP/1.1
Host: juice-shop.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:51.0) Gecko/20100101 Firefox/51.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://juice-shop.herokuapp.com/
Content-Type: application/json;charset=utf-8
Content-Length: 63
Cookie: io=63cDkUKnjTNXRqYLAAAj
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
{"comment":"james was here","rating":2,"comment":"so was fred"}
Response:
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Content-Length: 150
Etag: W/"96-XqpXSFISEgqoVwW7hYfcjw"
Date: Wed, 22 Feb 2017 13:18:50 GMT
Via: 1.1 vegur
{"status":"success","data":{"comment":"so was fred","rating":2,"id":12,"updatedAt":"2017-02-22T13:18:50.000Z","createdAt":"2017-02-22T13:18:50.000Z"}}
I ran out of time to play and see what might be possible. I was hoping to come across a GET request where I could tamper something from view or add to delete or remove, but in the 20mins I had to poke around couldn't fine one.....
There might be other more simple or slick ways to implement. Anyawy, there's some food for thought.
Refs:
https://www.owasp.org/index.php/Testing_for_HTTP_Parameter_pollution_%28OTG-INPVAL-004%29
http://blog.mindedsecurity.com/2009/05/client-side-http-parameter-pollution.html
https://www.youtube.com/watch?v=Tosp-JyWVS4
Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.
So i found a Bug which allows adding products to somebody else's basket and is not listed in challenges. The following challenge can be designed around it.

Per https://github.com/bkimminich/juice-shop/pull/623 this is done?
Yes, sir! 鈽戯笍
This thread has been automatically locked because it has not had recent activity after it was closed. :lock: Please open a new issue for regressions or related bugs.
Most helpful comment
So i found a Bug which allows adding products to somebody else's basket and is not listed in challenges. The following challenge can be designed around it.