cleantalk
Vulnerabilities and Security Researches

Sticky Buttons – floating buttons builder, CVE-2025-24720

CVE, Research URL

CVE-2025-24720

Home page URL

Security reports for Sticky Buttons – floating buttons builder

Application

Sticky Buttons – floating buttons builder

Published on
Jan 24, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Sticky Buttons sticky-buttons allows Cross Site Request Forgery.This issue affects Sticky Buttons: from n/a through <= 4.1.1.
Affected versions
max 4.1.2.
Status
vulnerable
Previous vulnerability researches
Sticky Buttons &#8211; floating buttons builder (870db21795be87364d12ad8e25fd5a926cbf8a35) , Jun 16, 2026
Sticky Buttons &#8211; floating buttons builder (CVE-2023-2362) , Jun 07, 2024
Sticky Buttons &#8211; floating buttons builder (CVE-2024-3475) , Jun 07, 2024
Sticky Buttons &#8211; floating buttons builder (CVE-2024-0703) , Jun 07, 2024
Sticky Buttons &#8211; floating buttons builder (CVE-2025-24720) , Jan 26, 2025
New vulnerability
WooCommerce (CVE-2022-50972) , Jun 22, 2026
Simple File List (CVE-2026-11911) , Jun 21, 2026
Simple File List (CVE-2026-12119) , Jun 21, 2026
Simple File List (CVE-2026-11912) , Jun 21, 2026
WP Hotel Booking (CVE-2026-9822) , Jun 21, 2026