2 matches found
CVE-2025-14428
creationtimestamp| type| source ---|---|--- 2026-01-01 18:59:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mbf2sjn2cp2g 2026-01-02 07:58:30+00:00| seen| https://gist.github.com/Darkcrai86/2ac13fecaef2b028059530932a95c75d...
CVE-2025-14428 My Sticky Elements <= 2.3.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Bulk Lead Deletion
The All-in-one Sticky Floating Contact Form, Call, Click to Chat, and 50+ Social Icon Tabs - My Sticky Elements plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the 'mystickyelementsbulks' function in all versions up to, and including, 2.3.3. This...