CVE-2023-40672

Missing Authorization vulnerability in Hardik Chavada Sticky Social Media Icons.This issue affects Sticky Social Media Icons: from n/a through 2.1...

CVE-2024-34546

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Habibur Rahman Sticky Social Link sticky-social-link allows DOM-Based XSS.This issue affects Sticky Social Link: from n/a through = 2.0.1...

EUVD-2024-45569

Malicious code in bioql PyPI...

EUVD-2024-34849

Malicious code in bioql PyPI...

EUVD-2025-18327

Malicious code in bioql PyPI...

EUVD-2024-46060

Malicious code in bioql PyPI...

EUVD-2023-45228

Malicious code in bioql PyPI...

CVE-2025-6055

The Zen Sticky Social plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.3. This is due to missing or incorrect nonce validation on the 'zen-social-sticky/zen-sticky-social.php' page. This makes it possible for unauthenticated attackers to...

CVE-2025-6055

The Zen Sticky Social plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.3. This is due to missing or incorrect nonce validation on the 'zen-social-sticky/zen-sticky-social.php' page. This makes it possible for unauthenticated attackers to...

CVE-2025-6055

CVE-2025-6055 affects the Zen Sticky Social WordPress plugin. Public docs state a Cross-Site Request Forgery flaw in versions up to 0.3 caused by missing or incorrect nonce validation on zen-social-sticky/zen-sticky-social.php. This enables unauthenticated attackers to update settings and inject ...

CVE-2025-6055 Zen Sticky Social <= 0.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The Zen Sticky Social plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.3. This is due to missing or incorrect nonce validation on the 'zen-social-sticky/zen-sticky-social.php' page. This makes it possible for unauthenticated attackers to...

WordPress Zen Sticky Social plugin <= 0.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability

Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability discovered by johska in WordPress Plugin Zen Sticky Social versions = 0.3...

PT-2025-25477 · WordPress · Zen Sticky Social

Name of the Vulnerable Software and Affected Versions: Zen Sticky Social plugin for WordPress versions up to, and including, 0.3 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the 'zen-social-sticky/zen-sticky-social.php' page. This...

WordPress plugin Zen Sticky Social 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

CVE-2024-52491

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sanil Shakya Sticky Social Icons sticky-social-icons allows Stored XSS.This issue affects Sticky Social Icons: from n/a through = 1.2.1...

CVE-2024-10551

The Sticky Social Icons WordPress plugin through 1.2.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2023-3320

The WP Sticky Social plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.1. This is due to missing nonce validation in the /admin/views/admin.php file. This makes it possible for unauthenticated attackers to modify the plugin's settings and injec...

CVE-2024-51631

Cross-Site Request Forgery CSRF vulnerability in Md Eftakhairul Islam Sticky Social Bar sticky-social-bar allows Cross Site Request Forgery.This issue affects Sticky Social Bar: from n/a through = 2.0...

CVE-2024-10551

The Sticky Social Icons WordPress plugin through 1.2.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-10551

The Sticky Social Icons WordPress plugin through 1.2.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...