Skip to main content

Mystickymenu

2 CVEs product

Monthly

CVE-2023-5509 MEDIUM POC This Month

The myStickymenu WordPress plugin before 2.6.5 does not adequately authorize some ajax calls, allowing any logged-in user to perform the actions. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Authentication Bypass Mystickymenu
NVD WPScan
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-24425 MEDIUM POC This Month

The Floating Notification Bar, Sticky Menu on Scroll, and Sticky Header for Any Theme - myStickymenu WordPress plugin before 2.5.2 does not sanitise or escape its Bar Text settings, allowing hight. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Mystickymenu
NVD WPScan
CVSS 3.1
4.8
EPSS
0.6%
EPSS 1% CVSS 5.4
MEDIUM POC This Month

The myStickymenu WordPress plugin before 2.6.5 does not adequately authorize some ajax calls, allowing any logged-in user to perform the actions. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Authentication Bypass Mystickymenu
NVD WPScan
EPSS 1% CVSS 4.8
MEDIUM POC This Month

The Floating Notification Bar, Sticky Menu on Scroll, and Sticky Header for Any Theme - myStickymenu WordPress plugin before 2.5.2 does not sanitise or escape its Bar Text settings, allowing hight. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Mystickymenu
NVD WPScan

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy