N/A
2026-03-11< 2.8.7
My Sticky Bar <= 2.8.6 - Unauthenticated SQL Injection via 'stickymenu_contact_lead_form' Action
My Sticky Bar – Floating Notification Bar & Sticky Header (formerly myStickymenu)
Minimum safe version
2.8.7
Update to 2.8.7 or later to address 7 fixable vulnerabilities
Latest available2.8.9 ✓
Medium 4.8
2024-09-13< 2.7.3
CVE-2024-7133
Medium 4.8
2024-08-01< 2.7.2
CVE-2024-4090
Medium 4.8
2025-05-19< 2.6.8
WordPress My Sticky Bar Plugin < 2.6.8 is vulnerable to Cross Site Scripting (XSS)
Medium 4.3
2024-01-11< 2.6.7
CVE-2023-7048
Medium 5.4
2023-11-20< 2.6.5
CVE-2023-5509
Medium 4.8
2021-08-02< 2.5.2
CVE-2021-24425