CVE-2025-14465

The Sticky Action Buttons plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. This is due to missing or incorrect nonce validation on the sabsoptionspageformsubmit function. This makes it possible for unauthenticated attackers to update plug...

CVE-2025-14465

The Sticky Action Buttons plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. This is due to missing or incorrect nonce validation on the sabsoptionspageformsubmit function. This makes it possible for unauthenticated attackers to update plug...

WordPress plugin Sticky Action Buttons 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host a personal blog site on a PHP and MySQL based...

PT-2026-1637

Name of the Vulnerable Software and Affected Versions Sticky Action Buttons plugin for WordPress versions up to and including 1.1 Description The software is susceptible to Cross-Site Request Forgery CSRF. This is caused by a lack of, or incorrect, nonce validation within the sabs options page fo...

WordPress Sticky Action Buttons plugin <= 1.1 - Cross-Site Request Forgery to Plugin Settings Update vulnerability

Cross-Site Request Forgery to Plugin Settings Update vulnerability discovered by afnaan - SMKN 1 Bantul in WordPress Plugin Sticky Action Buttons versions = 1.1...