← Back

Wp Sticky Button

wp_sticky_button

Vendor: Okapitech • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-2375
1Okapitech
1Wp Sticky Button
Jun 17, 2026
Aug 22, 2022
N/A· v4
5.4 MEDIUM· v3
N/A· v2
The WP Sticky Button WordPress plugin before 1.4.1 does not have authorisation and CSRF checks when saving its settings, allowing unauthenticated users to update them. Furthermore, due to the lack of escaping in some of...Show more
The WP Sticky Button WordPress plugin before 1.4.1 does not have authorisation and CSRF checks when saving its settings, allowing unauthenticated users to update them. Furthermore, due to the lack of escaping in some of them, it could lead to Stored Cross-Site Scripting issuesShow less