Premio My Sticky Bar Floating Notification Bar Sticky Header vulnerabilities
2 known vulnerabilities affecting premio/my_sticky_bar_floating_notification_bar_sticky_header.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
1
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2026-3657P2HIGHCVSS 7.5Exploited≤ 2.8.62026-03-12
CVE-2026-3657 [HIGH] CWE-89 CVE-2026-3657: The My Sticky Bar plugin for WordPress is vulnerable to SQL injection via the `stickymenu_contact_le
The My Sticky Bar plugin for WordPress is vulnerable to SQL injection via the `stickymenu_contact_lead_form` AJAX action in all versions up to, and including, 2.8.6. This is due to the handler using attacker-controlled POST parameter names directly as SQL column identifiers in `$wpdb->insert()`. While parameter values are sanitized with `esc_sql()` and `
nvd
CVE-2023-7048P4MEDIUMCVSS 4.3≤ 2.6.62024-01-11
CVE-2023-7048 [MEDIUM] CWE-352 CVE-2023-7048: The My Sticky Bar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions u
The My Sticky Bar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.6.6. This is due to missing or incorrect nonce validation in mystickymenu-contact-leads.php. This makes it possible for unauthenticated attackers to trigger the export of a CSV file containing contact leads via a forged request gr
nvd