VYPR

myStickymenu

by WordPress

CVEs (2)

  • CVE-2023-5509MedNov 20, 2023
    risk 0.35cvss 5.4epss 0.01

    The myStickymenu WordPress plugin before 2.6.5 does not adequately authorize some ajax calls, allowing any logged-in user to perform the actions.

  • CVE-2021-24425MedAug 2, 2021
    risk 0.31cvss 4.8epss 0.01

    The Floating Notification Bar, Sticky Menu on Scroll, and Sticky Header for Any Theme – myStickymenu WordPress plugin before 2.5.2 does not sanitise or escape its Bar Text settings, allowing hight privilege users to use malicious JavaScript in it, leading to a Stored…