Mystickymenu
Monthly
The myStickymenu WordPress plugin before 2.6.5 does not adequately authorize some ajax calls, allowing any logged-in user to perform the actions. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
The Floating Notification Bar, Sticky Menu on Scroll, and Sticky Header for Any Theme - myStickymenu WordPress plugin before 2.5.2 does not sanitise or escape its Bar Text settings, allowing hight. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
The myStickymenu WordPress plugin before 2.6.5 does not adequately authorize some ajax calls, allowing any logged-in user to perform the actions. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
The Floating Notification Bar, Sticky Menu on Scroll, and Sticky Header for Any Theme - myStickymenu WordPress plugin before 2.5.2 does not sanitise or escape its Bar Text settings, allowing hight. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.