CVE-2025-14428

The All-in-one Sticky Floating Contact Form, Call, Click to Chat, and 50+ Social Icon Tabs - My Sticky Elements plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the 'mystickyelementsbulks' function in all versions up to, and including, 2.3.3. This...

CVE-2025-14428 My Sticky Elements <= 2.3.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Bulk Lead Deletion

The All-in-one Sticky Floating Contact Form, Call, Click to Chat, and 50+ Social Icon Tabs - My Sticky Elements plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the 'mystickyelementsbulks' function in all versions up to, and including, 2.3.3. This...

EUVD-2026-0015

The All-in-one Sticky Floating Contact Form, Call, Click to Chat, and 50+ Social Icon Tabs - My Sticky Elements plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the 'mystickyelementsbulks' function in all versions up to, and including, 2.3.3. This...

CVE-2025-14428

CVE-2025-14428 affects the WordPress plugin “All-in-one Sticky Floating Contact Form, Call, Click to Chat, and 50+ Social Icon Tabs – My Sticky Elements” up to version 2.3.3. The issue is a missing capability check in the my_sticky_elements_bulks function, allowing authenticated attackers with Su...

CVE-2025-14428 My Sticky Elements <= 2.3.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Bulk Lead Deletion

The All-in-one Sticky Floating Contact Form, Call, Click to Chat, and 50+ Social Icon Tabs - My Sticky Elements plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the 'mystickyelementsbulks' function in all versions up to, and including, 2.3.3. This...

WordPress plugin My Sticky Elements 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

PT-2026-1009

Name of the Vulnerable Software and Affected Versions My Sticky Elements plugin for WordPress versions prior to 2.3.4 Description The My Sticky Elements plugin for WordPress is susceptible to unauthorized data loss. A missing capability check within the my sticky elements bulks function allows...

CVE-2025-68995

Missing Authorization vulnerability in Premio My Sticky Elements mystickyelements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects My Sticky Elements: from n/a through = 2.3.3...

EUVD-2025-205741

Missing Authorization vulnerability in Gal Dubinski My Sticky Elements mystickyelements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects My Sticky Elements: from n/a through = 2.3.3...

CVE-2025-68995

Missing Authorization vulnerability in Premio My Sticky Elements mystickyelements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects My Sticky Elements: from n/a through = 2.3.3...

CVE-2025-68995

Technical details about CVE-2025-68995 are not provided in the supplied documents. The connected Wordfence report lists many vulnerabilities but does not disclose specifics for this CVE. Monitor for official advisories.

CVE-2025-68995 WordPress My Sticky Elements plugin <= 2.3.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Premio My Sticky Elements mystickyelements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects My Sticky Elements: from n/a through = 2.3.3...

CVE-2025-68995 WordPress My Sticky Elements plugin <= 2.3.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Premio My Sticky Elements mystickyelements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects My Sticky Elements: from n/a through = 2.3.3...

WordPress plugin My Sticky Elements 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

PT-2025-53884

Name of the Vulnerable Software and Affected Versions My Sticky Elements versions prior to 2.3.3 Description The software contains a missing authorization issue, allowing exploitation of incorrectly configured access control security levels. Recommendations Update My Sticky Elements to a version...

WordPress My Sticky Elements plugin <= 2.3.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by daroo in WordPress Plugin My Sticky Elements versions = 2.3.3...

EUVD-2023-12537

Malicious code in bioql PyPI...

EUVD-2023-56083

Malicious code in bioql PyPI...

CVE-2023-0487

The My Sticky Elements WordPress plugin before 2.0.9 does not properly sanitise and escape a parameter before using it in a SQL statement when deleting messages, leading to a SQL injection exploitable by high privilege users such as admin...

PT-2024-14090 · Premio · All-In-One Floating Contact Form – My Sticky Elements

Name of the Vulnerable Software and Affected Versions: All-in-one Floating Contact Form – My Sticky Elements versions 2.1.3 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. This...