Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

14 matches found

Patchstack
Patchstackadded 2026/05/19 12:4 p.m.9 views

WordPress Sticky plugin <= 2.5.6 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zaim in WordPress Plugin Sticky versions = 2.5.6...

6.4CVSS5.8AI score0.00252EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2025/12/31 4:8 p.m.24 views

CVE-2025-62087 WordPress Sticky Notes for WP Dashboard plugin <= 1.2.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Web Builder 143 Sticky Notes for WP Dashboard wb-sticky-notes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sticky Notes for WP Dashboard: from n/a through = 1.2.4...

4.3CVSS0.00176EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/02/25 2:17 p.m.6 views

CVE-2025-26881 WordPress Sticky Content plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bPlugins Sticky Content sticky-menu-block allows Stored XSS.This issue affects Sticky Content: from n/a through = 1.0.1...

6.5CVSS8.6AI score0.00237EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/02/25 2:17 p.m.17 views

CVE-2025-26881 WordPress Sticky Content plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bPlugins Sticky Content sticky-menu-block allows Stored XSS.This issue affects Sticky Content: from n/a through = 1.0.1...

6.5CVSS0.00237EPSS
Exploits0References1
CVE
CVEadded 2025/01/24 5:25 p.m.61 views

CVE-2025-24720

CVE-2025-24720 describes a Cross-Site Request Forgery (CSRF) to Settings Update vulnerability in the WordPress plugin Sticky Buttons (Wow-Company), affecting versions through 4.1.1. The initial description and multiple security trackers corroborate the CSRF flaw, with references noting impact to ...

5.4CVSS7.2AI score0.00182EPSS
Exploits0References1
Patchstack
Patchstackadded 2024/11/01 12:0 a.m.9 views

WordPress Sticky Social Bar Plugin <= 2.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Sticky Social Bar Type Plugin Vulnerable versions = 2.0 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-51631 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 1d738a190c0e Credits SOPROBRO Required...

7.1CVSS6.6AI score0.00194EPSS
Exploits0References1Affected Software1
Patchstack
Patchstackadded 2024/05/07 12:0 a.m.9 views

WordPress Sticky Social Link Plugin <= 2.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Sticky Social Link Type Plugin Vulnerable versions = 2.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34546 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 7d46fd341169 Credits t0y4 Required privilege Administrator...

5.9CVSS6.6AI score0.00279EPSS
Exploits0References2Affected Software1
Patchstack
Patchstackadded 2024/05/02 12:0 a.m.7 views

WordPress Sticky Buttons Plugin < 3.2.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software Sticky Buttons Type Plugin Vulnerable versions 3.2.4 Fixed in 3.2.4 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-3475 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID c9f456e279d5 Credits Bob Matyas Required...

6.6AI score0.00283EPSS
Exploits2References4Affected Software1
Patchstack
Patchstackadded 2024/04/25 12:0 a.m.6 views

WordPress Sticky Anything Plugin <= 2.1.5 is vulnerable to Broken Access Control

Software Sticky Anything Type Plugin Vulnerable versions = 2.1.5 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-33646 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID da01f8f0e18d Credits Dimas Maulana Required...

7.1CVSS6.5AI score0.00184EPSS
Exploits0References1Affected Software1
Patchstack
Patchstackadded 2024/03/29 12:0 a.m.8 views

WordPress Sticky Anything Plugin <= 2.1.5 is vulnerable to Cross Site Scripting (XSS)

Software Sticky Anything Type Plugin Vulnerable versions = 2.1.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-30551 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 25bb0e7db645 Credits Mika Required privilege...

7.1CVSS6.5AI score0.00334EPSS
Exploits0References1Affected Software1
Patchstack
Patchstackadded 2024/01/23 12:0 a.m.18 views

WordPress Sticky Buttons Plugin <= 3.2.2 is vulnerable to Cross Site Scripting (XSS)

Software Sticky Buttons Type Plugin Vulnerable versions = 3.2.2 Fixed in 3.2.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0703 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID ba3529117da4 Credits Dipak Panchal th3.d1p4k...

4.8CVSS6AI score0.00301EPSS
Exploits0References3Affected Software1
Patchstack
Patchstackadded 2023/12/26 12:0 a.m.11 views

WordPress Sticky Chat Widget Plugin <= 1.1.8 is vulnerable to Cross Site Scripting (XSS)

Software Sticky Chat Widget Type Plugin Vulnerable versions = 1.1.8 Fixed in 1.1.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-51361 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 0466bd6e4c4f Credits emad Required privilege Administrat...

5.9CVSS6.6AI score0.00335EPSS
Exploits0References2Affected Software1
Patchstack
Patchstackadded 2023/08/21 12:0 a.m.10 views

WordPress Sticky Social Media Icons Plugin <= 2.1 is vulnerable to Broken Access Control

Software Sticky Social Media Icons Type Plugin Vulnerable versions = 2.1 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-40672 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 5150e51e3f9b Credits Nguyen Xuan Chien...

5.4CVSS6.6AI score0.00295EPSS
Exploits0References1Affected Software1
Patchstack
Patchstackadded 2023/02/15 12:0 a.m.8 views

WordPress Sticky Ad Bar Plugin <= 1.3.1 is vulnerable to Cross Site Scripting (XSS)

Software Sticky Ad Bar Type Plugin Vulnerable versions = 1.3.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-25784 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 9b071150c5e1 Credits Rio Darmawan Required...

5.9CVSS5.8AI score0.00369EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder